And suddenly popular news sites or the Twitch video platform stopped responding. A small part of the global Internet suffered a resounding blackout on Tuesday which paralyzed access to certain sites for nearly 2 hours. Time for Fastly, a central player in the web, to restart its servers after a major “technical incident”.
How did the setbacks of a listed company have a domino effect on several thousand sites? To understand, you need to dwell on the current configuration of the Web. It should be noted from the outset that the Internet is a structure designed with enough relays and redundancies to never fail in its entirety.
But its global immensity involves local relays as close as possible to the Internet user. This is where the content distribution networks come into the picture, better known by their Anglo-Saxon name CDN for “Content Delivery Network”. Little known to the general public – until this historic failure – CDNs like Cloudflare, CloudFront (Amazon) or Akamai have for a decade recentralized the Internet around their service offering.
To put it simply, they host mirror sites of the original site all over the world so that a Netflix user, for example, does not need to use American servers but the one closest to him. Objective: better distribute and manage massive connections to avoid “traffic jams”.
“It is a global network which connects services through huge pipes which accelerates the delivery of content”, summarizes Yann Klis, boss of the start-up specialist in the cloud, Scalingo. “They are pillars of the Internet because their infrastructures also act as a shield against denial of service (DDoS) attacks and all providers of video or image content need them constantly,” he analyzes.
Problem: mainstream media sites and services like Spotify, Twitch or Vimeo depend heavily on a few players who have become essential over time and who are crushing the market. “We can consider these providers of Cloud solutions like the supermarkets of the web”, points out David Warburton, cyberthreats researcher for the company F5. “We tend to appreciate the ease of buying groceries in one department store rather than going to a shopping street with a dozen different stores.”
No cyber attack
“They are American oligopolies and when a single service falls, it undermines a large part of the Internet over which they rule,” abounds Yann Klis. Especially when the system is not designed with redundant servers that provide minimum service when the core of the network falters.
Unfortunately more and more credible, especially for large American companies, the trail of the cyberattack was quickly dismissed. “Internet users very quickly received” 503 error “messages, which is an indicator of the unavailability of a service and not of a cyberattack”, explains Andy Champagne, technical director of Akamai, market leader who has already experienced this kind of “bug”. “In the event of an attack, it usually takes a while for the consumer to see an error,” he stresses.
Fastly delivered at the end of a breathless suspense a first verdict: “We have identified the configuration of the service that triggered disruptions in our Internet access points around the world and have deactivated this configuration”. A human error that led to a start of panic and potentially a questioning of the current model.