And the Beat Goes On…..now Fastly

9057851697?profile=RESIZE_400xCyber-attacks seem to be occurring on a daily, if not hourly, basis.  On 8 June 2021, multiple websites went offline briefly throughout the world after an outage at the cloud service company Fastly, revealing how critical a handful of companies running the Internet's network have become.  Dozens of sites including the New York Times, CNN, some Amazon sites, Twitch, Reddit, the Guardian, and the U.K. government's home page, could not be reached.

In Asia, the cities of Hong Kong and Singapore were also affected, with users unable to access the CNN website.  In China, where most foreign media websites are blocked, there was little discussion on the outage on social media platforms such as Weibo.[1]

San Francisco-based Fastly acknowledged a problem just before 6 a.m. Eastern Standard Time (EST). It said in repeated updates on its website that it was "continuing to investigate the issue."  About an hour later, Fastly said, "The issue has been identified and a fix has been applied. Customers may experience increased origin load as global services return."  A number of sites that were hit early appeared to be coming back online.  Fastly said it had identified a service configuration that triggered disruptions, meaning the outage appeared to be caused internally.

All major futures markets in the US dipped sharply minutes after the outage hit almost exactly a month after a cyberattack that caused the operator of the largest fuel pipeline in the US to stop its operations.  Internet traffic measurement by Kentik[2] show that Fastly began to recover from the outage roughly an hour after it struck at mid-morning European time - and before most Americans were awake.  "Looks like it is slowly coming back," said Kentik.  They said, "it is serious because Fastly is one of the world's biggest CDNs and this was a global outage."

Fastly is a content-delivery network.  It provides vital but behind-the-scenes cloud computing "edge servers" to many of the web's popular sites.  These servers store, or "cache," content such as images and video in places around the world so they are closer to users, allowing them to fetch it more quickly and smoothly instead of having to access the site's original server.  Fastly says its services mean that a European user going to a US/Americas website can get the content from 200 to 500 milliseconds faster.

The impact of Fastly's cyber woes demonstrate the relative fragility of the Internet's current architecture given its heavy reliance on Big Tech companies, such as Amazon's AWS cloud services, as opposed to a more decentralized model.  "Even the biggest and most sophisticated companies experience outages.  But they can also recover fairly quickly," said Kentik.

When the outage hit, some visitors trying to access CNN.com got a message that said, "Fastly error: unknown domain: cnn.com."  Attempts to access the Financial Times website turned up a similar message while visits to the New York Times and UK government's gov.uk site returned an "Error 503 Service Unavailable" message, along with the line "Varnish cache server," which is a technology that Fastly is built upon. 

Down Detector, which tracks Internet outages, posted reports on dozens of sites going down and said "there may be a widespread outage at Fastly." 

We are living in perilous cyber times.  An ounce of prevention is ALWAYS worth a pound of cure.  Red Sky Alliance strongly recommends ongoing monitoring from both internal and external perspectives.  Internal monitoring is common practice and very important, however, external threats are often overlooked and can represent an early warning of impending attacks.  Red Sky Alliance can provide both internal monitoring in tandem with RedXray notifications on external threats to include, botnet activity, public data breaches, phishing, fraud, and general targeting. 

Red Sky Alliance is in New Boston, NH   USA.     We   are   a   Cyber   Threat   Analysis   and   Intelligence Service organization.     For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com.

Interested in a RedXray subscription to see what we can do for you?  Sign up here: https://www.wapacklabs.com/RedXray   

[1] https://www.npr.org/2021/06/08/1004305569/internet-fastly-outage-go-down-twitter-reddit

[2] https://www.kentik.com/

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!