This is not unexpected. Cybercriminals are fairly smart and they are motivated to target the resources with the greatest and/or most effective access. As more and more of the world moves its Exchange and Active Directory resources to the cloud, O365 and Azure administrators move up the valued target list.
This article simply points out something we have known for some time. We must take phishing threats and associated awareness training seriously. This must become a priority for every organization, large and small. This issue also places a brighter spotlight on the security associated with service providers and third-party administrators. Make sure your security controls take those resources into consideration as well.
This situation is a great example of the importance of patch and firmware management. Just because a system is hosted in the cloud, it does not mean that you are not responsible for part, if not all, of the patch and firmware oversight. Pay close attention to your service level agreements and other cloud services documentation.
If you are using these particular Azure services from Microsoft, please review this content and patch accordingly.
This is a very difficult situation from an IT security perspective. Multi-factor authentication is a necessary step for the security of many systems and applications, especially those that are cloud hosted. These types of outages can and will shake the confidence of users and make the move to multi-factor authentication that much more difficult to pursue and expand for IT security professionals in organizations.
Kudos to Microsoft for heading down this path and taking one more step toward better password security. It is still not a perfect-world scenario, but it is better than the basic controls inherent to the OS.
This type of unpatched vulnerability could have serious implications for any organization running MS components in the Azure cloud. The compromise of a domain controller could lead to the complete infiltration of an environment, providing bad guys with the ability to touch and review hundreds of servers, create unknown numbers of hidden accounts with elevated privileges, and lay the groundwork for data exfiltration and ransomware-style infections. Please review your environments and patch accordingly.
Aside from the coolness factor and the idea of renewable energy sources and lower cooling costs, a ton can be said about the physical security component of rack space on the ocean floor.