A vast internet outage, breaking much of the internet, seems to be the result of problems at just once company.
It quickly echoed out from there, taking down just about every big website: Twitch, Reddit, Amazonm the New York Times, The Independent and many more were affected by the problems.
But they all appear to have stemmed from issues at Fastly, a cloud computing company that helps run the internet.
Such companies – like other internet service providers, cloud computing platforms and web infrastructure firms – are mostly invisible, even to the people who use them for much of their day. Like other infrastructure, they are mostly ignored when they are working correctly.
But as soon as they do break, they can become very visible indeed. And that is what happened to Fastly, when the issues started to spread.
It said in an update that the problem was with its CDN, or content delivery network, service. That is a set of servers, spread all around the world, that host copies of popular websites so that they can be shown to customers more easily.
It is intended to ensure that somebody in India looking to visit Reddit, for instance, does not have to ask for all of the posts and images from a server in San Francisco. Instead, there will be a copy stored for them more locally, which can be delivered more quickly.
But that means that any problems with that CDN service can immediately take those websites offline. If there is something wrongly setup, or an error in the technology that powers it, the computers will be shown errors rather than the website.
And that is what happened on Tuesday morning UK time, when users around the world asked their computers to show them those website and instead saw errors indicating that the website had broken.
The issue at the heart of such outages can be relatively small, even if they are immediately amplified to take over the whole world.
Last year, for instance, another internet infrastructure provider called Cloudflare was also hit by significant problems, during which its traffic dropped 50 per cent and many websites were knocked offline. It explained later that the issue was caused when engineers sent some network traffic to another router in an attempt to stop congestion – but it caused an error that sent all of the data to that Atlanta router, overwhelming it and bringing the system down.
“Whether it be malicious or otherwise, this highlights the importance and significance of these vast hosting companies and what they represent,” said Jake Moore, cybersecurity specialist at ESET. “It would be difficult to point the finger at an attack at this early development stage, but it cannot be ruled out due to the impact a potential attack could have.
“These middle suppliers are an easy target should they ever be hit with the perfect attack. Multiple areas will be significantly impacted as a result of this, along with an inevitable financial hit.”
A relatively small number of companies power that infrastructure – even though they might be largely unknown – so any issues can spread quickly.
“It is remarkable that within ten minutes, one outage can send the world into chaos. This demonstrates the extent to which the move to the cloud has changed the things that companies need to protect,” said Mark Rodbert, Visiting Professor in Computer Science at the University of York and chief executive of Idax Software.
“Whether the people inside a company or a supplier have made a mistake, or malicious perpetrators outside the perimeter have created the problem, it’s so important that we create firebreaks in the system so that if one company, or even just one well connected employee is compromised, the whole system isn’t brought to its knees.”