Fastly’s problems do not appear to have been caused by an attack. But can do Fastly and similar services end up in focus for future attacks, according to IT security expert.
Suddenly, sites like Reddit, Amazon, Paypal, Spotify, CNN, The New York Times or the BBC could no longer be reached.
The problem also affected several Swedish media companies and was due to a fault in the so-called CDN service Fastly, which provides internet services to companies.
Error message after error message appeared on some of the world’s most famous sites around lunchtime on Tuesday. Some experienced problems for a few minutes while others were turned off for about an hour.
It did not take long before the error was located at Fastly, a company that helps large sites keep up the pace by sending data traffic via faster internet routes. The San Francisco-based company soon admitted that their so-called CDN (Content Delivery Network) was the root of the problem.
According to a spokesperson for the company, it was “a service configuration” that triggered the disruptions, which could be remedied after about an hour. But before that, the company’s share managed to back more than 4 percent in trading on Wall Street in the US.
Fastlys’ affected customers reacted with different types of backup solutions. The tech site The Verge, for example, posted news via the Google service Docs, while the British editor of The Guardian’s IT editor followed the development via a thread on Twitter.
There are few subcontractors to turn to
Many large companies and other entities depend on CDN services. Some run them themselves while others buy them. However, there are few subcontractors to turn to for those who need large capacity, which makes the system sensitive.
According to Marcus Murray, founder of the Swedish cyber security company Truesec, there is a risk that Tuesday’s events will cause Fastly and similar services to end up in the firing line for various attacks.
– If, for example, you look at government actors with an interest in influencing the western world’s news channels, they have today realized that there are apparently suppliers that very many are dependent on and there you could do great damage, he says.
– For that type of business, it is very valuable information that has been made available today by an event.
Anne-Marie Eklund Löwinder: Review risk diversification
According to Anne-Marie Eklund Löwinder, head of security at the Internet Foundation, the incident also raises the question of whether it is so smart that very many companies in the same industry, regardless of whether it is the media or government agencies, use the same supplier.
– Maybe you should spread your graces, she says.
She also urges to review its risk diversification, to have a plan B, an alternative provider if a service goes down. Erik Ryd, an analyst at MSB, is also on the same track.
– It is important that you as a company have a plan B, he says.
The authority is concerned that media companies in particular are affected.
– Of course it is serious, access to media needs to be up and running around the clock, says Erik Ryd.
“Scary when so big is down”
According to IT security expert Anders Nilsson at the company ESET, Fastly’s problems are worrying.
– We have seen things like this happen maybe once a year, or every other year. But not for long. In the past, it has been about a quarter or so, he says.
– It’s scary when it’s so big lying down.
Ironically, the point of services like Fastlys is that they should make sites less vulnerable to this type of interruption. The services are delivered through a network of computers spread across different parts of the world, so that international sites can be accessed via different servers depending on where the user is located.
– But if all these services go down, there will of course be big problems, says Anders Nilsson.
Source: Nyteknik – Senaste nytt by www.nyteknik.se.
*The article has been translated based on the content of Nyteknik – Senaste nytt by www.nyteknik.se. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!