Large parts of the internet were temporarily offline today, including Amazon, Reddit and Twitch, it has been reported. Other significant organizations whose websites were affected by the incident included media outlets the Financial Times, The Guardian and New York Times and the UK’s Gov.uk. When users attempted to enter these websites, they were met with messages like “Error 503 Service Unavailable” and “connection failure.”
Experts have traced the issue to a Fastly content delivery network (CDN) failure, which underpins many major websites. Fastly is a cloud computing services provider that runs an “edge cloud” designed to speed up loading times for websites, protect them from denial-of-service attacks and help them deal with bursts of traffic.
The Guardian reported that the outage started at around 11 am BST, lasting for approximately 30 minutes.
While the failure brought some websites down entirely, specific sections of other services were also damaged. These include the servers on Twitter that host the social network’s emojis.
The affected websites now appear to back online, and at around 12.10 BST, Fastly tweeted: “We identified a service configuration that triggered disruptions across our POPs globally and have disabled that configuration. Our global network is coming back online.” The company has also provided continuous updates about the issue on its service status pages.
Security experts were quick to express their concerns about the failure in Fastly’s system, as it highlights the reliance many organizations have on CDN infrastructure for the running of their websites and may provide opportunities for cyber-criminals to strike. Michael Barragry, operations lead and security consultant at edgescan commented: “CDNs have become ubiquitous in today’s web. Although they are primarily used to ensure smooth delivery of resources so that websites can perform optimally, they also often supply additional security features such as WAF-like traffic filtering and DDoS protection.
“The exact nature of this “issue” is unclear, but given how vast the impact appears to be, it looks to have transcended any failover or redundancies that were in place. This outage could also represent a window of opportunity for further attacks – especially against those sites which have an over-dependence upon CDN infrastructure for their security. Additional independent security layers should be used where appropriate to ensure that no single point of failure is present.”
Sergio Loureiro, cloud security director at Outpost24, said: “We have yet to gain insights into what exactly lead to this global outage. Based on the Fastly status pages, all their content delivery systems are affected by this issue. This global outage that affects many high-profile companies does highlight the dependency we have on cloud services and their availability. This directly impacts many businesses, including for example Reddit who’s entire business is based around their website.”