Privacy Ninja


Microsoft Explains The Cause Of Yesterday’s Massive Service Outage


Microsoft has shed some light on the root cause behind yesterday’s massive Azure authentication outage that affected multiple Microsoft services and blocked users from logging into their accounts.

Customers experienced authentication errors across many Microsoft services, including Microsoft 365, Microsoft Teams, Exchange Online, Forms, Xbox Live, Intune, Outlook.com, Office Web, SharePoint Online, OneDrive for Business, Yammer, and more.

After confirming that the service outage affected login and authentication flows across its online services, Microsoft said that the widespread outages resulted from an Azure Active Directory (Azure AD) configuration issue.

This issue prevented users from authenticating to Microsoft 365, Exchange Online, Microsoft Teams, or any other service relying on Azure AD.

“Between 19:00 UTC (approx) on March 15, 2021, and 09:25 UTC on March 16, 2021 customers may have encountered errors performing authentication operations for any Microsoft and third-party applications that depend on Azure Active Directory (Azure AD) for authentication,” Microsoft explained today in a preliminary root cause analysis report.


Signing keys rotation failure leads to token validation issues

As Microsoft explained, the authentication and login failures behind yesterday’s outage were caused by an error in the rotation of the signing keys that Azure AD uses to sign the tokens it issues under OpenID Connect.

These signing keys are asymmetric key pairs. Azure AD signs the tokens it issues (ID tokens and access tokens) with the private key and publishes the matching public keys in its OpenID Connect discovery metadata, so that applications can verify a token’s signature. Each token names the key that signed it by a key identifier (kid), which the application looks up in the published key set.

Microsoft’s identity platform rotates signing keys on a periodic basis for security purposes, and apps are expected to handle key rollover, typically by re-fetching the published key set when a token carries a key identifier they have not seen, so that authentication attempts don’t fail.

“As part of standard security hygiene, an automated system, on a time-based schedule, removes keys that are no longer in use,” Microsoft said.

“Over the last few weeks, a particular key was marked as ‘retain’ for longer than normal to support a complex cross-cloud migration. This exposed a bug where the automation incorrectly ignored that ‘retain’ state, leading it to remove that particular key.”

Once the key was gone from the published metadata, applications that validate Azure AD tokens could no longer find the key identifier named in tokens signed with it, so they stopped trusting those tokens even though nothing about the tokens themselves had changed.

As a result, login attempts to the affected apps and services were rejected and users could no longer get into their accounts.

To mitigate the issue, Microsoft engineers rolled the key metadata back to its state before the worldwide outage started, restoring the removed key to the published set.

However, rolling the metadata back did not end the outage immediately: relying parties cache the published key set, and, as Microsoft put it, different “server implementations that handle caching differently” picked up the restored key at different times.

Users kept running into errors until each affected app fetched the updated key metadata and refreshed its cache.
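The following is an added example, not code from the original article or from Microsoft: a small Go model of the mechanism described above. An issuer holds private signing keys and publishes the public halves as a key set; a relying party caches that set, looks up the kid named in each token’s header, and re-fetches the set once when it meets an unfamiliar kid, which is how a normal rollover is absorbed. Removing a key that is still in use from the published set makes every token signed with it fail validation at any relying party whose cache has refreshed, while a relying party with a stale cache keeps accepting them; restoring the key (the rollback) fixes validation once caches refresh. The type and method names (Issuer, Validator, Unpublish, Republish) and the kid values (k1, k2) are the example’s own, and the sample claims are constructed. It signs with Ed25519 (JOSE alg EdDSA) for brevity; Azure AD tokens are RSA-signed (RS256), but the kid lookup and caching mechanics are the same for any algorithm.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// Issuer stands in for the identity provider: private signing keys plus the published key set (JWKS).
type Issuer struct {
	keys map[string]ed25519.PrivateKey // every key ever used, kept so a removal can be rolled back
	set  map[string]ed25519.PublicKey  // what the JWKS endpoint currently serves
}

func NewIssuer() *Issuer { return &Issuer{map[string]ed25519.PrivateKey{}, map[string]ed25519.PublicKey{}} }

// AddKey generates a signing key under kid and publishes it (a normal rollover).
func (i *Issuer) AddKey(kid string) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // a failing CSPRNG is not something an issuer can continue from
	}
	i.keys[kid], i.set[kid] = priv, pub
}

// Unpublish drops a key from the set, as the automation did to a key still marked "retain"; Republish is the rollback.
func (i *Issuer) Unpublish(kid string) { delete(i.set, kid) }
func (i *Issuer) Republish(kid string) { i.set[kid] = i.keys[kid].Public().(ed25519.PublicKey) }

// PublishedKeys returns a snapshot of the key set, as one fetch of the JWKS endpoint would.
func (i *Issuer) PublishedKeys() map[string]ed25519.PublicKey {
	out := map[string]ed25519.PublicKey{}
	for kid, k := range i.set {
		out[kid] = k
	}
	return out
}

func b64(b []byte) string { return base64.RawURLEncoding.EncodeToString(b) }

// Issue mints a compact JWS (alg EdDSA) over claims, naming the signing key in the header; kid must have been added.
func (i *Issuer) Issue(kid string, claims map[string]string) string {
	hdr, _ := json.Marshal(map[string]string{"alg": "EdDSA", "kid": kid})
	body, _ := json.Marshal(claims)
	input := b64(hdr) + "." + b64(body)
	return input + "." + b64(ed25519.Sign(i.keys[kid], []byte(input)))
}

// Validator is a relying party: it caches the key set and re-fetches only on an unseen kid (normal rollover).
type Validator struct {
	cache map[string]ed25519.PublicKey
	fetch func() map[string]ed25519.PublicKey
}
func NewValidator(fetch func() map[string]ed25519.PublicKey) *Validator { return &Validator{fetch(), fetch} }

// Refresh re-reads the key set, as each relying party does on its own schedule.
func (v *Validator) Refresh() { v.cache = v.fetch() }

// Validate checks the signature against the cached key set and returns the claims.
func (v *Validator) Validate(token string) (map[string]string, error) {
	parts := strings.Split(token, ".")
	hb, err := base64.RawURLEncoding.DecodeString(parts[0])
	var hdr struct{ Alg, Kid string }
	if len(parts) != 3 || err != nil || json.Unmarshal(hb, &hdr) != nil || hdr.Alg != "EdDSA" {
		return nil, fmt.Errorf("malformed token or unsupported alg")
	}
	pub, ok := v.cache[hdr.Kid]
	if !ok { // unknown kid: refresh once, then give up
		v.Refresh()
		if pub, ok = v.cache[hdr.Kid]; !ok {
			return nil, fmt.Errorf("signing key %q not in published key set", hdr.Kid)
		}
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	if err != nil || !ed25519.Verify(pub, []byte(parts[0]+"."+parts[1]), sig) {
		return nil, fmt.Errorf("signature does not verify")
	}
	body, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err != nil {
		return nil, err
	}
	claims := map[string]string{}
	return claims, json.Unmarshal(body, &claims) // Unmarshal fills the existing map in place
}

func main() {
	idp := NewIssuer()
	idp.AddKey("k1")
	tok := idp.Issue("k1", map[string]string{"sub": "alice"}) // constructed sample claims
	rp := NewValidator(idp.PublishedKeys)
	idp.Unpublish("k1") // the bug: a key still in use leaves the published set
	rp.Refresh()
	_, err := rp.Validate(tok)
	fmt.Println(err) // signing key "k1" not in published key set
}
```

Running main prints the error a refreshed relying party returns for a token signed with the removed key. The same objects can be stepped through the rest of the incident: a Validator built before the removal and never refreshed still accepts the token, and Republish followed by Refresh makes it validate again, which is the order of events Microsoft describes.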

While the outage impact was largely mitigated after rolling back the key changes, Microsoft is still working on bringing back up Intune and Microsoft Managed Desktop.

Azure AD backup authentication system still a work in progress

“We understand how incredibly impactful and unacceptable this is and apologize deeply,” Microsoft said.

“We are continuously taking steps to improve the Microsoft Azure Platform and our processes to help ensure such incidents do not occur in the future.”

In September 2020, Microsoft customers experienced another massive worldwide outage, with “transient” errors that knocked down Office 365 and related services, including Microsoft Teams, Office.com, Power Platform, and Dynamics 365.

As Microsoft explained at the time, that outage was caused by an Azure AD service update that mistakenly hit the production environment.


While Redmond had started work on an Azure AD backup authentication system after the September outage, it did not help here: it is designed to cover failures in token issuance, not failures in token validation like the one caused by the key rotation error.
