AWS Outage Explained: Why the Internet Broke While You Were Sleeping

The internet kicked off the week the way that many of us often feel like doing: by refusing to go to work. An outage at Amazon Web Services rendered huge portions of the internet unavailable on Monday morning, with sites and services including Snapchat, Fortnite, Venmo, the PlayStation Network and, predictably, Amazon, unavailable for a short period of time. The outage began shortly after midnight PT, and took Amazon around 3.5 hours to fully resolve. Social networks and streaming services were among the 1,000-plus companies affected, and critical services such as online banking were also taken down. You'll likely find most sites and services functioning as usual this morning, but some knock-on effects will probably be seen throughout the day. AWS, a cloud services provider owned by Amazon, props up huge portions of the internet. So when it went down, it took many of the services we know and love with it. As with the Fastly and Crowdstrike outages over the past few years, the AWS outage shows just how much of the internet relies on the same infrastructure -- and how quickly our access to the sites and services we rely on can be revoked when something goes wrong. The reliance on a small number of big companies to underpin the web is akin to putting all of our eggs in a tiny handful of baskets. When it works, it's great, but only one small thing needs to go wrong for the internet to come to its knees in a matter of minutes. How widespread was the AWS outage? Just after midnight PT on October 20, AWS first registered an issue on its service status page, saying it was "investigating increased error rates and latencies for multiple AWS services in the US-EAST-1 Region." Around 2 a.m. PT, it said it had identified a potential root cause of the issue, and within half an hour, it had started applying mitigations that were resulting in significant signs of recovery. "The underlying DNS issue has been fully mitigated, and most AWS Service operations are succeeding normally now," AWS said at 3.35 a.m. PT. The company didn't respond to request for further comment beyond pointing us back to the AWS health dashboard. Around the time that AWS says it first began noticing error rates, Downdetector saw reports begin to spike across many online services, including banks, airlines and phone carriers. As AWS resolved the issue, some of these reports saw a drop off, whereas others have yet to return to normal. (Disclosure: Downdetector is owned by the same parent company as CNET, Ziff Davis.) Around 4 a.m. PT, Reddit was still down, while services including Ring, Verizon and YouTube were still seeing a significant number of reported issues. Reddit finally came back online around 4.30 a.m. PT, according to its status page, which was then verified by us. In total, Downdetector saw over 6.5 million reports, with 1.4 million coming from the US, 800,000 from the UK and the rest largely spread across Australia, Japan, the Netherlands, Germany and France. Over 1,000 companies in total have been affected, Downdetector added. "This kind of outage, where a foundational internet service brings down a large swathe of online services, only happens a handful of times in a year," Daniel Ramirez, Downdetector by Ookla's director of product told CNET. "They probably are becoming slightly more frequent as companies are encouraged to completely rely on cloud services and their data architectures are designed to make the most out of a particular cloud platform." What caused the AWS Outage? AWS hasn't shared full details about what caused the internet to fall off a cliff this morning. The likelihood is that now it's deployed a fix, its next step will be to investigate what went wrong. So far it's attributed the outage to a "DNS issue." DNS stands for the Domain Name System and refers to the service that translates human-readable internet addresses (for example, CNET.com) into machine-readable IP addresses that connects browsers with websites. When a DNS error occurs, the translation process cannot take place, interrupting the connection. DNS errors are common are common internet roadblocks, but usually happen on small scale, affecting individual sites or services. But because the use of AWS is so widespread, a DNS error can have equally widespread results. According to Amazon, the issue is geographically rooted in its US-EAST-1 region, which refers to an area of North Virginia where many of its data centers are based. It's a significant location for Amazon, as well as many other internet companies, and it props up services spanning the US and Europe. "The lesson here is resilience," said Luke Kehoe, industry analyst at Ookla. "Many organizations still concentrate critical workloads in a single cloud region. Distributing critical apps and data across multiple regions and availability zones can materially reduce the blast radius of future incidents." Was the AWS Outage caused by a cyberattack? DNS issues can be caused by malicious actors, but there's no evidence at this stage to say that this is the case for the AWS outage. Technical faults can, however, pave the way for hackers to look for and exploit vulnerabilities when companies' backs are turned and defenses are down, according to Marijus Briedis, CTO at NordVPN. "This is a cybersecurity issue as much as a technical one," he said in a statement. "True online security isn't only about keeping hackers out, it's also about ensuring you can stay connected and protected when systems fail." In the hours ahead, people should look out for scammers hoping to take advantage of people's awareness of the outage, added Briedis. You should be extra wary of phishing attacks and emails telling you to change your password to protect your account.