Cloudflare experienced a disruptive outage marked by “We’re sorry” Google errors on its website. The error message suggested potential automated queries from users’ computers or networks, disrupting normal processing. Cloudflare’s Head of Organic Social, Ryan Knight, noted an anomalous Google logo design on the error page. Later, Cloudflare confirmed the outage resulted from a distributed denial-of-service (DDoS) attack, specifically impacting the www.cloudflare.com website. Fortunately, the attack had no adverse effects on other Cloudflare services or products.
A Cloudflare spokesperson clarified that the DDoS attack led to intermittent connectivity issues on www.cloudflare.com for a brief period, but no customers were impacted. The spokesperson emphasized the deliberate separation of the website infrastructure from core Cloudflare services, ensuring full functionality of the latter. In the midst of this cyber incident, a group identifying as Anonymous Sudan claimed responsibility for the DDoS attack. This threat group, also known as Storm-1359, has a history of targeting entities connected to Sudanese politics.
However, some analysts cast doubt on these claims, suspecting a potential false flag and suggesting connections to Russia instead. Anonymous Sudan not only asserted responsibility for the Cloudflare incident but also claimed involvement in other notable cyberattacks, including the DDoS attack on OpenAI’s ChatGPT bot and disruptions to Microsoft’s Outlook.com, OneDrive, and Azure Portal in June.
The group stated its motivation to target countries and organizations interfering with Sudanese politics. Despite their claims, some analysts question the authenticity of these statements and posit alternative theories linking the group to Russia. The situation underscores the intricate challenges in attributing cyber threats and the potential geopolitical motivations behind such cyber activities.