Microsoft Skype Hit By Alleged DDoS Attack, Causes Connectivity Challenges


Printer-friendly version Email this CRN article

Microsoft has confirmed an outage in its Skype offering, which caused connectivity issues earlier this week and is allegedly the result of a Distributed Denial of Service attack.

Skype users started complaining about connectivity issues on Monday, with hours of downtime. The issues continued into Tuesday, with users losing connectivity and having trouble exchanging messages on the communications platform. The outage appeared to primarily affect Europe.

It is not clear if the connectivity issues affected just the consumer Skype application, or also Skype for Business.

[Related: Massive DDoS Attack On U.S. College Throws IoT Security Into The Spotlight -- Again]

Microsoft confirmed the issues with the service in a Tweet and on its blog, saying Monday that they were "aware of an incident where users will either lose connectivity to the application or may be unable to send or receive messages. Some users will be unable to see a black bar that indicates them that a group call is ongoing, and longer delays in adding users to their buddy list." On Tuesday Microsoft updated the blog post to say it was "seeing improvements" but some users still were having issues with the service and the company was "working on that."

Microsoft further updated the blog on Tuesday, saying it had made "some configuration corrections and mitigated the impact."

"We are continuing to monitor and we will post an update when the issue is fully resolved," Microsoft said.

Microsoft did not confirm reports at the time that the outage was the result of a DDoS attack. A hacker group, called CyberTeam, claimed responsibility for the attack in a tweet, saying "Skype Down by Cyberteam."

Michael Goldstein, president and CEO of LAN Infotech, a Fort Lauderdale, Fla.-based Microsoft partner, called the incident "pretty scary," assuming reports of a DDoS attack were true. He said it is concerning for small and medium businesses if a company as large as Microsoft can be hit by such an attack.

"It is definitely showing how the bad guys, how the dark side, is still looking to push [against big companies]," Goldstein said.

Goldstein said his company views Skype for Business as a "critical product" for both its own business and for its clients. He said he hopes Microsoft is working to bolster its Skype for Business product, as well as its consumer Skype product, against further attacks.

The reports of a DDoS attack against Microsoft come just a few months after a massive DDoS attack on Dyn caused significant Internet outages on the East Coast. The incident took down many popular websites, including Twitter and Netflix, as well as more than 1,200 other sites. The attacks in the October attack came from devices infected by the Mirai botnet – a malware that was revealed earlier in the month and spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default or hard-coded usernames and passwords.

Printer-friendly version Email this CRN article