Many of the internet’s most popular websites today have suffered prolonged outages due to an issue with Fastly, a provider of cloud computing services.
Sites such as Reddit, Spotify, Amazon and Gov.UK were all affected, as well as major news outlets such as the Guardian, Financial Times, Independent and the New York Times.
Visiting these sites and specific web pages resulted in the basic error message: “Error 503 Service Unavailable”. The Guardian tweeted:
“The Guardian’s website and app are currently being hit by a major internet outage and will be back as soon as possible.
” According to a number of reports from news organization on Twitter (which does not appear to be affected by the outage), a company called Fastly appears to be to blame.
Fastly provides cloud security services to websites, including protection against denial-of-service attacks, bot mitigation, and a firewall for web applications.
The US company has confirmed that it is “currently investigating the potential impact on the performance of our CDN (content delivery network) services”.
Michael Barragry, security advisor at Edgescan, said: “CDNs are ubiquitous on the Internet today. While they are primarily used to ensure smooth resource delivery so that websites can perform at their best, they also often provide additional security features such as WAF-like traffic filtering. and DDoS protection.
” The exact nature of this “issue” is unclear, but given its massive impact, it appears it has transcended any failover or redundancies.
This outage can also provide an opportunity for further attacks, especially against those sites that rely too heavily on the CDN infrastructure for their security.
“Additional independent layers of security should be used where necessary to ensure that no single point of failure is present.
” Professor Mark Rodbert, a visiting professor of computer science at the University of York and founder of cybersecurity firm Idax Software, said the incident showed that the internet was too dependent on a small number of companies to stay online.
“It is remarkable that within ten minutes, one outage can throw the world into chaos,” he said. “This shows how much the move to the cloud has changed the things that businesses need to protect.
“Whether the people inside a company or a supplier made a mistake, or malicious perpetrators outside the perimeter caused the problem, it’s so important that we create firebreaks in the system so that if one company, or even just one well-connected employee, is compromised, the whole system is not brought to its knees.”
UPDATE 12.30pm: The outage appears to have been resolved and the above sites are now available again.