Headline: Recent Outages in UK Online Services Highlight Concerns Over Dependence on Foreign IT Infrastructure Summary: Recent disruptions in online services across the UK have sparked significant concerns regarding the nation's reliance on foreign IT infrastructure. These outages not only affect businesses and consumers but also raise critical questions about cybersecurity, data sovereignty, and the resilience of the UK's digital landscape. Key Points: Impact on Businesses: Many UK...
Topics covered
Members of Parliament (MPs) are raising concerns about the UK’s heavy reliance on foreign hosting services for its critical IT infrastructure. This alarm was heightened following a disruption of Amazon Web Services (AWS), which led to widespread outages affecting essential services, including those of HM Revenue & Customs (HMRC), Halifax, and Lloyds.
During the outage, tracking platform Downdetector recorded a significant increase in complaints, with users struggling to access AWS and popular platforms like Snapchat, Starbucks, Slack, and Ring. Financial institutions, notably Lloyds and Halifax, experienced major disruptions, with Lloyds reporting over 6,900 outage incidents in just one hour.
The extent of the outage
Customers attempting to access banking services encountered error messages citing technical difficulties. Halifax, for example, displayed a notification stating, “Sorry, we’re unable to process your request at the moment. We’re currently having some technical problems.” The impact extended beyond banking, affecting online gaming platforms such as Roblox and Fortnite.
Impact on telecommunications
A representative from VodafoneThree noted that while their networks remained operational, certain applications and websites were still impacted by the AWS outages. AWS, the largest cloud computing service provider in the world, offers a range of services including storage solutions, databases, and security tools, making its reliability critical for many sectors.
Regulatory inquiries and concerns
The Treasury Committee has initiated inquiries into why Amazon has not been classified as a critical third party (CTP). This classification would enable regulators to intervene and enhance the resilience of essential service providers in the financial sector. The committee has expressed concerns regarding the Treasury’s decision-making processes related to the designations of major tech firms.
Committee chair Meg Hillier communicated to Lucy Rigby, the economic secretary to the Treasury, emphasizing the need for clarity on the implications of hosting integral components of the UK’s IT framework abroad, especially in light of the AWS incident.
Investigating the causes
The Treasury Committee requested information on the collaboration between the Treasury and HMRC to investigate the outage’s causes and to develop strategies to prevent future incidents. Reports indicated that the outage peaked between 9:00 am and 10:00 am, with AWS announcing signs of recovery shortly thereafter. By 11:35 am, AWS reported that the underlying DNS (domain name system) issues had been resolved, although problems continued in the US later that day.
Understanding the technical challenges
Professor Oli Buckley, a cybersecurity expert at Loughborough University, explained that the DNS functions like a phone book for the internet, directing devices to their desired services. A DNS error can trigger a cascade of slowdowns as systems struggle to locate the needed service, often leading to failures.
Professor Alan Woodward from the University of Surrey elaborated on the propagation of these errors, noting that updates take time to reach all areas of the internet, potentially prolonging the outage. He highlighted the interconnectedness of modern infrastructure, suggesting that reliance on third-party providers can cause significant disruptions from seemingly minor errors.
Potential security threats
Marijus Briedis, chief technology officer at NordVPN, asserted that such outages expose a deeper issue: the over-dependence of major companies on the same digital infrastructure. He warned that when one service fails, it creates a domino effect impacting numerous others. Additionally, he cautioned that these technical faults could increase the risk of cyberattacks, including potential spikes in phishing and malware incidents, as hackers exploit vulnerabilities.
During the outage, tracking platform Downdetector recorded a significant increase in complaints, with users struggling to access AWS and popular platforms like Snapchat, Starbucks, Slack, and Ring. Financial institutions, notably Lloyds and Halifax, experienced major disruptions, with Lloyds reporting over 6,900 outage incidents in just one hour.0
