Fastly Why Half The Internet Went Down For Hours
June 8th 2021, will forever be remembered as the day that half of the internet temporarily disappeared. The outage didn’t last long – barely over two hours, in most cases – but it took the cyber-world by surprise. We thought that internet technology and security had developed beyond the point where a single issue would take down so many websites simultaneously, but we were wrong. The websites of several of the world’s biggest newspapers vanished. Even the British government’s extensive web presence disappeared. The whole world feared that there had been an enormous hack or cyberattack, but that wasn’t the case. When the smoke cleared, we got the staggering news that the entire meltdown had been triggered by just one customer of a company called “Fastly.”
Understanding what Fastly is and what services the company provides is the key to comprehending this costly shutdown. Given that so many seemingly unrelated sites went down at the same time, it would be tempting to believe that Fastly is a web hosting company, but it isn’t. Fastly, as is implied by the company’s name, isn’t about hosting. It’s about speed. Fastly classifies itself as a so-called “edge provider.” It would be more accurate to describe the company as a content delivery service. Instead of handling hosting duties, Fastly is supposed to make speed and reliability better than it would be if you were dealing with direct connections to a website’s server. When a new customer signs up to Fastly, a copy of their website is stored on Fastly’s enormous servers, thus acting as a middleman between visitors and the “true” copy of the website held elsewhere. It provides the same type of service as Cloudflare – a company that was, until June 8th, far more famous than Fastly.
Fastly’s brief outage is a stark reminder that speed has become the be-all and end-all for businesses that rely on their websites to generate revenue. Many analysts and experts suggest that if your page doesn’t finish loading within five seconds of a visitor arriving on it for the first time, there’s a large probability that your visitor will get bored of waiting and go elsewhere. If your website operates in an immensely competitive industry where multiple rival firms provide the same service as you- newspaper websites, for example – that’s commercial death. Fear of slow speeds has driven thousands of companies to services like Fastly. It now appears that we’ve become overly reliant on them. Websites like the BBC stayed online because they have local backups designed to take over in such an eventuality. Dozens of other big-name sites lacked such foresight. That’s worrying. It’s also probably irresponsible.
Since the whole purpose of Fastly’s existence is speed and reliability, the company’s reputation will inevitably suffer because of this. This is the first major outage in the company’s history, but it only takes one outage to make headlines. The harsh truth the company has to face is that most people had never heard of it before this happened. Now their name is everywhere, and it’s for negative reasons. The downtime will also likely prove to be costly. When a website is offline, it can’t make sales or display adverts. Fastly may or may not be liable for the costs of missing out on the revenue that its customers should have generated during the downtime, but it can probably rest assured that several excellent lawyers will attempt to make it liable.
Having so many companies reliant on a single service to ensure uptime and reliability can’t be a good thing. Yet, it’s a model we see repeated all over the internet. Very few types of website make as much money as online slots websites, for example. Unless such websites are illegal in your country, you can’t have helped but notice the proliferation of new online slots websites in the past five years alone. Many of them look different and have specific niches – Rose Slots Canada, for example, is a new Canadian-only version of the Rose Slots site that’s so popular in Europe – but most of them are underpinned by the same service. Thousands of them rely on WordPress, for example, and hundreds more are franchise models based on the same software. If there was a failure with a key server or software package, thousands of online slots websites would disappear in an instant. For a multi-billion dollar industry, that’s surely a gamble that should never have been worth taking. The people who run these websites are probably looking into their contingency options as we speak. In reality, so should everybody else.
The specifics of the problem scarcely matter, but Fastly has at least been able to identify them. The company believes that a bug was introduced during a software deployment in May but didn’t become active until a single customer made a configuration change on June 8th and triggered the bug. Somehow, that one (perfectly valid) configuration changed knocked out an estimated 85% of the Fastly network. Promises have already been made that this will never happen again. Promises like that are incredibly hard to keep. The software bug was the result of human error, and we’re not yet at the point where computers are capable of handling all of our programming and coding requirements. So long as humans write code, human error is inevitable. This may not happen to Fastly again, but it will happen to somebody, and the consequences could prove to be just as disastrous for e-commerce.
The only reason that more companies and websites didn’t have a backup plan of the kind that the BBC does is complication and expense. Senior members of staff within the affected companies will now have to sit down and work out whether the costs of acquiring adequate protections outweigh the costs of another sudden outage. This one was dealt with quickly. The next one might not be. One of the most undesirable consequences of the failure is that it’s reminded hackers that taking down vast swathes of the internet is possible so long as you find the right vulnerability, so they’ll redouble their efforts. The internet was never supposed to be dependant on the performance of a handful of third-party services. Hopefully, this will serve as a wake-up call to anybody who’s become too complacent about that dependency.