For a company that promises to 'build a better internet,' the drama was mortifying.
To millions around the world who – perhaps, unwittingly – depend on Cloudflare's services, the blackout was unnerving.
The Silicon Valley firm that is the foundation of a fifth of all websites worldwide, was brought to its knees on Tuesday morning.
The issue was first detected at 6:48am Eastern Time.
Internet users experienced the outage as maddening connectivity issues. Elon Musk's X, Sam Altman's ChatGPT, Spotify and Shopify were among the sites grinding to a halt. More essential organizations, such as the New Jersey transit system, New York City's emergency management offices and the French national railway company SNCF were also reportedly impacted.
By 9:42am the Cloudflare said a 'fix' had been 'implemented' and by 12:44pm the service was fully restored.
Dane Knecht, Cloudflare's chief technology officer - whose X bio boasts: 'I help invent the future' - was grovelling in his apology.
'I won't mince words: earlier today we failed our customers and the broader Internet,' he said, adding that it 'caused real pain' and the 'issue, impact it caused, and time to resolution is unacceptable.'
'I'm very suspicious when I see something like this that doesn't really smell right,' James Knight, senior principal at Digital Warfare, which helps companies identify and shore up online vulnerabilities, told the Daily Mail.
Knight, who has 30 years of experience in cyber threats, including classified work as an 'ethical hacker,' told the Daily Mail that these giant internet companies have 'an inordinate amount of redundancy when it comes to a lot of these things', with multiple back-ups in place.
He believes that any update would likely have been trialed multiple times on a test site, before being done live.
Although Cloudflare is hardly a household name, its security - and that of companies like it - affects us all. A popular meme doing the rounds on Tuesday showed a teetering stack of blocks labeled 'The Entire Internet', with Cloudflare depicted as two tiny matchsticks propping up the entire structure.
Cloudflare essentially serves as the 'door' through which all of us pass when we use one of their many client websites.
Internet users may believe they are accessing Uber, Zoom or LinkedIn directly: in reality, they connect to a Cloudflare data center in one of 330 cities worldwide and Cloudflare then patches the user through to the website they wish. It makes the connection significantly faster, and, in theory, safer, with Cloudflare fending off all attempts to take down the site.
But Cloudflare's 'gatekeeper' position makes it a tempting target for anyone wanting to land a blow on global commerce, communications and connectivity.
In September, the company announced that they had thwarted the largest ever 'distributed denial-of-service' (DDoS) attack, in which criminals bombarded Cloudflare's systems with a battery of requests, trying to make their websites keel over.
That attack saw 11.5 terabytes-per-second of data, which is equivalent to downloading Netflix's entire content library every second, hurled at Cloudflare for 35 seconds. And that digital assault came just three months after the previous record DDoS attack of 7.3 terabytes-per-second.
Knight claimed very few actors are capable of such massive hacking events.
No comments:
Post a Comment