The internet kicked off the week the way that many of us often feel like doing: by refusing to go to work. An outage at Amazon Web Services (AWS) rendered huge portions of the internet unavailable on Monday morning, with sites and services including Snapchat, Fortnite, Venmo, the PlayStation Network and, predictably, Amazon, unavailable for a short period of time.
The outage began shortly after midnight PT, and took Amazon around three and a half hours to fully resolve. Social networks and streaming services were impacted, but critical services such as online banking were also taken down. You'll likely find most sites and services functioning as normal this morning, but some knock-on impacts will probably be seen throughout the day.
AWS is a cloud services provider owned by Amazon that props up huge portions of the internet, so when it went down, it took many of the services we know and love with it. As with the Fastly and Crowdstrike outages over the past few years, the AWS outage shows just how much of the internet relies on the same infrastructure -- and how quickly our access to the sites and services we rely on can be revoked when something goes wrong. The reliance on a small number of big companies to underpin the web is akin to putting all of our eggs in a tiny handful of baskets.
When it works, it's great, but only one small thing needs to go wrong for the internet to come to its knees in a matter of minutes.
Just after midnight PT on October 20, AWS first registered an issue on its service status page, saying it was "investigating increased error rates and latencies for multiple AWS services in the US-EAST-1 Region." Around 2 a.m. PT, it said it had identified a potential root cause of the issue, and within half an hour, it had started applying mitigations that were resulting in significant signs of recovery.
"The underlying DNS issue has been fully mitigated, and most AWS Service operations are succeeding normally now," AWS said at 3.35 a.m. PT. The company didn't respond to request for further comment beyond pointing us back to the AWS health dashboard.
Around the time that AWS says it first began noticing error rates, Downdetector saw reports begin to spike across many online services, including banks, airlines and phone carriers. As AWS resolved the issue, some of these reports saw a drop off, whereas others have yet to return to normal. (Disclosure: Downdetector is owned by the same parent company as CNET, Ziff Davis.)
Around 4 a.m. PT, Reddit was still down, while services including Ring, Verizon and YouTube were still seeing a significant number of reported issues.
What caused the AWS Outage?
AWS hasn't shared full details about what caused the internet to fall off a cliff this morning. The likelihood is that now it's deployed a fix, its next step will be to investigate what went wrong.
So far it's attributed the outage to a "DNS issue." DNS stands for the Domain Name System and refers to the service that translates human-readable internet addresses (for example, CNET.com) into machine-readable IP addresses that connects browsers with websites.
When a DNS error occurs, the translation process cannot take place, interrupting the connection. DNS errors are common are common internet roadblocks, but usually happen on small scale, impacting individual sites or services. But because the use of AWS is so widespread, a DNS error can have equally widespread results.
DNS issues can be caused by malicious actors, but there's no evidence at this stage to say that this is the case for the AWS outage.
Technical faults can, however, pave the way for hackers to look for and exploit vulnerabilities when companies' backs are turned and defenses are down, according to Marijus Briedis, CTO at NordVPN. "This is a cybersecurity issue as much as a technical one," he said in a statement. "True online security isn't only about keeping hackers out, it's also about ensuring you can stay connected and protected when systems fail."
In the hours ahead, people should look out for scammers hoping to take advantage of people's awareness of the outage, added Briedis. You should be extra wary of phishing attacks and emails telling you to change your password to protect your account.