A large portion of the Internet has been knocked offline, after an issue with a cloud computing firm called Fastly, which provides key services to many websites.
Indeed, so serious is the problem, it has taken major websites such as Amazon, the UK Government, CNN, Reddit, the Guardian etc offline. The affected websites no longer load and users instead see a range of error messages, usually “503 Service Unavailable.”
Digging further, the typical message then displayed is “Fastly error: unknown domain: edition.cnn.com,” for example. Some websites, such as Twitter, still reportedly work but no longer display emojis used in posts.
Other websites are not impacted however.
Facebook, the BBC, and Microsoft Teams are still operational, as is the Silicon UK website.
On its ‘service status’ page, Fastly, reported a “CDN Performance Impact” error message.
“Investigating – We’re currently investigating potential impact to performance with our CDN services,” it warned on Tuesday morning.
“Update – We are continuing to investigate this issue,” it added.
However a major outage that affects multiple websites and large swathes of the Internet is very rare, and will trigger questions and follow up actions so firms can improve resilience going forward.
And security experts have been quick to respond to what has been a significant outage.
“Whether it be malicious or otherwise, this highlights the importance and significance of these vast hosting companies and what they represent,” said Jake Moore, cybersecurity specialist at ESET.
“It would be difficult to point the finger at an attack at this early development stage, but it cannot be ruled out due to the impact a potential attack could have,” said Moore. “These middle suppliers are an easy target should they ever be hit with the perfect attack. Multiple areas will be significantly impacted as a result of this, along with an inevitable financial hit.”
Another expert agreed this outage demonstrated how much many companies rely on the services of just a few single suppliers.
“This incident highlights the reliance of many of the world’s biggest websites on content delivery networks (CDNs) such as Fastly,” said Toby Stephenson, CTO at Neuways. “As there are so few of these CDN services, these outages can occur from time-to-time.”
“By using these CDNs to push content to readers, these websites are usually fast and responsive, but on this occasion they have been left with egg on their collective faces,” said Stephenson. “The technical backends of these big websites are probably fine, but it is the frontends that can’t be accessed and content cannot be pushed as the network is down.”
Another expert added his concern about relying on a few firms.
“Fastly CDN had major problems affecting Stack Overflow, Spotify, Stripe, Gov.uk and GitHub among others,” noted Gaz Jones, technical director of digital agency Think3. “This is what happens when half of the internet relies on Goliaths like Amazon, Google and Fastly for all of its servers and web services. The entire internet has become dangerously geared on just a few players.”
Another expert explained the content delivery network operating model, and questioned whether the outage has impacted any organisation’s data.
“Fastly provide content delivery network (“CDN”) services to companies,” explained Mark Hendry, director of data protection and cyber security at legal specialist DWF.
“The intention of CDNs is to route (or distribute) internet traffic and services through ‘nodes’ in order to balance the load of traffic, prevent bottlenecks and result in high availability and faster content delivery,” said Hendry.
“Requests for content are directed by an algorithm, for instance the algorithm might direct the traffic so that it routes through the most available or highest performing node, or so that the traffic takes the fastest network route to the requestor,” said Hendry. “This is the reason that some internet users are reporting no issues with accessing content that is unavailable to others – for instance individuals from Berlin are reporting via Twitter that they can access website content that users in London cannot access.”
“Fastly have not yet provided comment on the precise nature of the problem,” said Hendry. “Some of the affected organisations have apparently sought to rectify the issue, perhaps by reverting to non-CDN schemes of distribution, however if this is the case users of those websites can expect for their experience to be slower than normal until the CDN can be restored.”
“Whilst the outage can be considered an availability of services issue, it is not clear at this time whether any underlying data or infrastructure belonging to the affected organisations has become vulnerable as a result of the issue,” he concluded.
Finally, another expert said it remarkable how one outage can cause such problems, and demonstrates the need for ‘firebreaks’ in systems to improve resilience.
“It is remarkable that within ten minutes, one outage can send the world into chaos,” said Mark Rodbert, CEO of Idax. “This demonstrates the extent to which the move to the cloud has changed the things that companies need to protect.”
“Whether the people inside a company or a supplier have made a mistake, or malicious perpetrators outside the perimeter have created the problem, it’s so important that we create firebreaks in the system so that if one company, or even just one well connected employee is compromised, the whole system isn’t brought to its knees,” said Rodbert.
UPDATE: After a few hours outage on Tuesday 8 June 2021, many of the websites affected by the problem have begun working again.
Square chief executive Jack Dorsey says fintech company looking into custom-built Bitcoin mining hardware that…
Facebook wants to make wearable tech more useful with artificial intelligence trained on massive set…
IT and email systems at Sunderland University offline since last week following 'major cyber-attack' that…