The United States service provider Cloudflare, a company that provides malicious assault protection services for millions of websites, a key link that is often unknown in the core infrastructure of the Internet, suffered from a global malfunction yesterday night, as well as unclear technical problems, leading to numerous website errors that could not be accessed.
Cloudflare provides CDN (content distribution network) and multiple security features. The CDN is a web-based technology that temporarily stores web content on multiple cache servers and delivers it to end-users through optimal routes. As CDN reduces the load on the website, while increasing the speed of page loading and display of content such as images and videos, it is used by many services. This interruption of the Claudflare service began at approximately 19 p.m. yesterday night and lasted several hours. The coverage ranges from X-type social networking sites to ChatGPT and Canva, and even the Heroes’ League game has been interrupted. By the way, even Downdetector is unable to access the various network services based on user reports.
Three hours after the breakdown, Dane Knecht, Chief Technical Officer of Cloudflare, reported the interruption of the services of Cloudflare. It is alleged that the failure was caused not by cyberattacks, but by a potential loophole in the range of services that support robotic countermeasures. According to Cloudflare, the crash occurred after a routine change in the company ‘ s configuration, which triggered a chain reaction that eventually led to a complete disruption of the company ‘ s network and other services. Dane Knecht stated: “The rehabilitation programme has been implemented and we believe that the incident has been resolved. Error reports will be continuously monitored to ensure that all services are back to normal.” He also apologized to “all users and the Internet community as a whole” and said that “lessons learned and improved”. In the course of the repairs, the company temporarily shut down the Warp encryption service in the London area, suggesting that “London users’ access to the Internet through Warp would show that the connection failed”.
Professor Alan Woodward of the Surrey Cyber Security Center of the United Kingdom described Cloudflare as “the largest enterprise you’ve ever heard of” , which claims to provide “protective and performance acceleration of work loads on websites, applications, API and AI”. Alan Woodward defines it as a “doorkeeper”, whose duties include monitoring web traffic and defensive denial of service performance and verifying that users are real. Claudflare, after updating the solution, claimed that the underlying cause was “an automated configuration document to manage the threat flow”. The volume of the document exceeded expectations, triggering the collapse of software for several cloud service traffic processing systems. Dane Knecht stressed: “It is clear that there is no evidence that this was the result of the attack or of malicious activities. Some services are expected to be downgraded briefly during the natural surge in traffic after failure, but all services are expected to return to normal within hours.”
It is less than a month since the current Claudflare malfunction left thousands of websites paralysed as a result of the last interruption of Amazon cloud services. According to Woodward, “We see so few businesses that support the Internet infrastructure that either of them has an immediate and visible impact. ” In the recent past, there has been a high incidence of a series of large network services, which play an important role in the infrastructure and spread to other types of network services. While measures to prevent recurrence have been announced after each incident, this also exposes the risk of over-reliance on the architecture of large enterprise networks.