Reddit, Gov.uk, Spotify, PayPal And More Go Down In Fastly CDN Outage

BACKGROUND:

The popular websites including Reddit, Spotify, Twitch, Stack Overflow, GitHub, gov.uk, Hulu, HBO Max, Quora, PayPal, Vimeo, Shopify, and news outlets CNN, the Guardian, the New York Times, BBC, Financial Times are currently facing an outage. A glitch at Fastly, a popular CDN provider, is thought to be the reason, according to a product manager at Financial Times. Fastly has confirmed it’s facing an outage on its status website.

Experts Comments

June 09, 2021
David Warburton
Senior Threat Evangelist
F5 Networks

The modern internet is approaching its 40th birthday. Despite its age, it still proves to this day how well it was designed, with many layers of resilience and redundancy.  In fact, the web as a whole was intended to be decentralised. By not relying on any one central system, it meant that many different components could fail, and internet traffic could still find a way to get where it needed to go. 

 

What we’ve seen over the past decade, however, is the unintentional centralisation of many

.....Read More

The modern internet is approaching its 40th birthday. Despite its age, it still proves to this day how well it was designed, with many layers of resilience and redundancy.  In fact, the web as a whole was intended to be decentralised. By not relying on any one central system, it meant that many different components could fail, and internet traffic could still find a way to get where it needed to go. 

 

What we’ve seen over the past decade, however, is the unintentional centralisation of many core services through large cloud solution providers, like infrastructure vendors and CDNs. We can think of these cloud solution providers as the supermarkets of the web. Many of us appreciate the ease of buying groceries from one large store rather than visiting a dozen different ones on the high street. Similarly, these cloud solution providers deliver many benefits, such as simpler application deployment, reduced management complexities and economies of scale. 

 

In a traditional internet app deployment model, an outage of a server or misconfigured application might take out a single website. As we saw today, similar problems with a cloud solution provider can end up taking out all of their customers, resulting in not one website being taken offline, but hundreds or thousands. The impact can potentially affect organisations' digital experiences, revenues and reputations.

 

Cloud solution providers provide immeasurable benefits to their users, but we shouldn't forget the lessons of the past. The “re-centralization” of the internet through these cloud solutions is now causing the very problems the original design of the internet was intended to avoid through redundancy. It’s important we consider an approach that moves us away from single points of failure or we will likely see more issues like we did today.

  Read Less
June 09, 2021
Jake Moore
Cybersecurity Specialist
ESET

With so many websites funneling through just a small number of content delivery networks, CDNs, it highlights the sheer scale of what they signify in terms of internet infrastructure and the pressure on them to withstand an outage or attack. The impact from the Fastly situation will hopefully make procedures and restoring functions more streamlined and positively more proactive.

 

Information security professionals are well prepared to expect the unexpected but even the most simple of mistakes

.....Read More

With so many websites funneling through just a small number of content delivery networks, CDNs, it highlights the sheer scale of what they signify in terms of internet infrastructure and the pressure on them to withstand an outage or attack. The impact from the Fastly situation will hopefully make procedures and restoring functions more streamlined and positively more proactive.

 

Information security professionals are well prepared to expect the unexpected but even the most simple of mistakes can have huge consequences. Simulations help relieve the pressure in a live situation but even with protocol lined up it would have been a long hour reconfiguring the mishap.

 

Time is money and never so much as on the internet. The financial impact will have been catastrophic every single minute and exponentially creeping up so insurance claims are now a distinct possibility so it is likely to have gained attention from malicious actors wanting to capitalise on any potential vulnerabilities on offer going forward.

 

CDNs are part of the internet’s critical infrastructure and if threat actors hadn’t already cottoned on to this as a direct attack vector to bring down the internet, they will now after monitoring yesterday misfortunate events.

  Read Less
June 08, 2021
Mark Rodbert
Founder and CEO
Idax

It is remarkable that within ten minutes, one outage can send the world into chaos. This demonstrates the extent to which the move to the cloud has changed the things that companies need to protect.

 

Whether the people inside a company or a supplier have made a mistake, or malicious perpetrators outside the perimeter have created the problem, it's so important that we create firebreaks in the system so that if one company, or even just one well connected employee is compromised, the whole

.....Read More

It is remarkable that within ten minutes, one outage can send the world into chaos. This demonstrates the extent to which the move to the cloud has changed the things that companies need to protect.

 

Whether the people inside a company or a supplier have made a mistake, or malicious perpetrators outside the perimeter have created the problem, it's so important that we create firebreaks in the system so that if one company, or even just one well connected employee is compromised, the whole system isn't brought to its knees.

  Read Less
June 08, 2021
Jake Moore
Cybersecurity Specialist
ESET

Whether it be malicious or otherwise, this highlights the importance and significance of these vast hosting companies and what they represent. It would be difficult to point the finger at an attack at this early development stage, but it cannot be ruled out due to the impact a potential attack could have. These middle suppliers are an easy target should they ever be hit with the perfect attack. Multiple areas will be significantly impacted as a result of this, along with an inevitable financial

.....Read More

Whether it be malicious or otherwise, this highlights the importance and significance of these vast hosting companies and what they represent. It would be difficult to point the finger at an attack at this early development stage, but it cannot be ruled out due to the impact a potential attack could have. These middle suppliers are an easy target should they ever be hit with the perfect attack. Multiple areas will be significantly impacted as a result of this, along with an inevitable financial hit.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.