Security, and other ICT professionals, are calling for a review of the world’s internet infrastructure, following a serious internet outage, which left global brands and government services without internet services.
It has been a week of costly mishaps. During Sunday’s Azerbaijan Formula1 grand prix, the seven times world champion, Lewis Hamilton, was knocked out of the race, when he inadvertently hit one of several buttons on his steering. The so called “the magic button” alters the brake balance on his car, and forced him to abandon the race.
The World Champion will feel some sympathy with a customer, who according to the Content Delivery Network company, Fastly, triggered the massive internet outage on Tuesday, leaving some of the world’s major corporations, and at least two government services, disconnected from the internet.
As they updated their settings, the customer activated a bug that had laid dormant since last month.
In a statement on the company’s website, Senior Vice President of Engineering and Infrastructure, Nick Rockwell, apologised to customers and users, for what he called a “broad and severe” outage.
“We experienced a global outage due to an undiscovered software bug that surfaced on 8th June, when it was triggered by a valid customer configuration change. We dictated the disruption within one minute, then identified and isolated the cause, and disabled the configuration…”
Among those affected by the outage, were the United Kingdom of Great Britain (UK) government portal, gov.uk, the White House, America’s state house, and the giant online sales conglomerate, Amazon. Major news networks, including CNN, were also affected.
Like so many governments, especially among the highly advanced nations around the world, the UK has moved most of its services online. Some of those affected by the outage, included people trying to book Covid-19 tests.
Amazon is reported to have lost up to $8,000 every minute its website stayed down. The outage lasted for at least fourty-five minutes, before Fastly, put in what the company says is a permanent fix to solve the problem.
Content Delivery Network (CDN) companies exist to speed up downloads for users, and to keep their customers’ websites stable and safe. They came into existence in the 1990s, as a response to bottlenecks, with increasing traffic on the internet. They provide proxy servers in multiple geographical locations. In this way, the end user always has a server close to them, even when accessing a faraway website.
Instead of going directly to the server of the website they want, users are directed to a proxy CDN server closer to them. This not only speeds up downloads for then, but also protects the visited website from overloading, in the event of particularly heavy traffic, as well as any malware.
There are around three main CDNs in operation, including Fastly itself, which accounts for 10% of the world’s internet traffic.
While CDNs provide an excellent service, it is this increasing centralization of internet infrastructure, which internet security professionals argue, is at the root of the problem.
The internet inherently designed to be decentralised, that was part of its strength. This meant that if some components failed, internet traffic could still flow through other routes.
With greater centralisation this characteristic advantage is lost. A catastrophic failure at a CDN, can mean that customers relying on it are unable to access the internet at all. This can be serious for any number of sensitive websites around the world.
Tuesday’s outage lasted less than an hour, and the damage caused was limited by Fastly’s quick action.
But experts warn of potential for more far reaching disasters, if Tuesday’s relatively minor outage does not alert the world to the need to review the state of the internet’s infrastructure.