Monday’s hours-long outage of Facebook and its sibling sites, including Instagram and WhatsApp, resulted in some 14 million reports from users who were unable to use the social network’s apps and other services. The outage also reportedly resulted in the loss of some $60 to $100 million dollars in terms of revenue, while the service disruption also impacted Facebook’s stock, which fell by 4.9 percent on Monday.

That translated to $47.3 billion in lost market cap.

While this outage is likely already being forgotten by most users, questions are already being asked whether similar outages could happen again.

“Outages like this show that, for all that was learned since the DDoS attack on Dyn in October of 2016, five years later the Internet remains fragile when services like DNS get interrupted for some reason,” Bill Lawrence, CISO at SecurityGate explained in an email.

“It will be interesting to see what caused this lingering outage to several jewels in the Facebook family,” Lawrence added.

DDoS Attack?

Many security experts have suggested the outage was the result of a DDoS attack – possibly conducted in response of what whistleblower Frances Haugen, who served as a data scientist and former product manager for Facebook, told CBS’s 60 Minutes on Sunday.

According to CloudFlare, “A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.”

Such attacks achieve their effectiveness by utilizing multiple compromised computer systems as the sources of attack traffic, which essentially overwhelm a system. Facebook is certainly not alone in experiencing such an attack.

“As more facts about Facebook and its business practices become public, its users’ anger seems to be on the rise. If they are attackers, they respond by attacking – in this case, possibly a DDoS attack that flooded the company’s DNS server,” said Saryu Nayyar, CEO of security research firm Gurucul.

“This isn’t the first time there has been a massive DNS attack; in 2016, DDoS attacks on October 21, 2016, targeting systems operated by DNS provider Dyn took down hundreds of companies,” added Nayyar. “Many large organizations guard against the loss of their DNS by maintaining multiple DNS systems across different DNS providers. While the cause of Facebook’s problem isn’t yet clear, it would be amazing if they hadn’t already set up multiple DNS providers.”

The Human Element?

Ron Bradley, vice president at Shared Assessments, said that another possibility was that Facebook’s outage was due to errors – human and computer.

“While it’s too soon to confirm, it’s widely believed the recent outage on Facebook was related to DNS configurations and/or BGP routes,” Bradley explained.

“DNS stands for domain name service and BGP is the border gateway protocol,” he noted. “Think of it this way. When you want to get driving directions to your favorite restaurant you may or may not know the address (DNS), but that’s ok, because the address is static and not likely to change. You then rely on your smart device to get directions (BGP) with the fastest route for you. The same is true for Internet traffic.”

How does this relate back to Facebook and the human element?

Bradley said that business computer “street addresses” rarely (if ever) change, especially on the global scale of Facebook.

“Millions of users asked their phone or computer to take them to Facebook, and the route was unknown, too busy, or inaccessible – happens all the time in L.A., traffic there is brutal,” he added. “DNS servers and BGP routers are closely guarded assets due to their criticality. Imagine closing down the Golden Gate Bridge or the Lincoln tunnel during rush hour. Internet routers, switches, firewalls, and DNS servers don’t change configuration without human action. Whether it was intentional or accidental, internal or external, the fact remains it was a major outage and I’m certain Facebook is deep in the throes of a root cause analysis.”

Regardless of what caused the outage, it is something Facebook can’t allow to happen again – certainly not on that scale.

Leave a Reply

Your email address will not be published. Required fields are marked *