Fastly down: What is the company at the centre of global internet outage – and how could a CDN break the web

Andrew Griffin
Tuesday 08 June 2021 11:39 EDT
Comments
The internet has gone down. Here's why.

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A vast internet outage, breaking much of the internet, seems to be the result of problems at just once company.

It quickly echoed out from there, taking down just about every big website: Twitch, Reddit, Amazonm the New York Times, The Independent and many more were affected by the problems.

But they all appear to have stemmed from issues at Fastly, a cloud computing company that helps run the internet.

Follow live: Reddit, Amazon and UK government websites down

Such companies – like other internet service providers, cloud computing platforms and web infrastructure firms – are mostly invisible, even to the people who use them for much of their day. Like other infrastructure, they are mostly ignored when they are working correctly.

But as soon as they do break, they can become very visible indeed. And that is what happened to Fastly, when the issues started to spread.

It said in an update that the problem was with its CDN, or content delivery network, service. That is a set of servers, spread all around the world, that host copies of popular websites so that they can be shown to customers more easily.

It is intended to ensure that somebody in India looking to visit Reddit, for instance, does not have to ask for all of the posts and images from a server in San Francisco. Instead, there will be a copy stored for them more locally, which can be delivered more quickly.

But that means that any problems with that CDN service can immediately take those websites offline. If there is something wrongly setup, or an error in the technology that powers it, the computers will be shown errors rather than the website.

And that is what happened on Tuesday morning UK time, when users around the world asked their computers to show them those website and instead saw errors indicating that the website had broken.

The issue at the heart of such outages can be relatively small, even if they are immediately amplified to take over the whole world.

Last year, for instance, another internet infrastructure provider called Cloudflare was also hit by significant problems, during which its traffic dropped 50 per cent and many websites were knocked offline. It explained later that the issue was caused when engineers sent some network traffic to another router in an attempt to stop congestion – but it caused an error that sent all of the data to that Atlanta router, overwhelming it and bringing the system down.

“Whether it be malicious or otherwise, this highlights the importance and significance of these vast hosting companies and what they represent,” said Jake Moore, cybersecurity specialist at ESET. “It would be difficult to point the finger at an attack at this early development stage, but it cannot be ruled out due to the impact a potential attack could have.

“These middle suppliers are an easy target should they ever be hit with the perfect attack. Multiple areas will be significantly impacted as a result of this, along with an inevitable financial hit.”

A relatively small number of companies power that infrastructure – even though they might be largely unknown – so any issues can spread quickly.

“It is remarkable that within ten minutes, one outage can send the world into chaos. This demonstrates the extent to which the move to the cloud has changed the things that companies need to protect,” said Mark Rodbert, Visiting Professor in Computer Science at the University of York and chief executive of Idax Software.

“Whether the people inside a company or a supplier have made a mistake, or malicious perpetrators outside the perimeter have created the problem, it’s so important that we create firebreaks in the system so that if one company, or even just one well connected employee is compromised, the whole system isn’t brought to its knees.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in