Cloud Data Security & Resilience
,
Security Operations
Cloud Giant Blames DNS Misconfiguration
Amazon Web Services is recovering from a service outage that impacted its own services and dozens of its clients on Monday including websites of the British government. The cloud computing giant – the world’s largest, accounting for roughly a third of the market – blamed a domain name system misconfiguration.
See Also: OnDemand | Beyond Recovery: Building Identity Resilience Against Modern Threats
The disruption affected several widely used applications and services, including British banks Lloyds and Halifax as well as some British government websites including Gov.uk and HM Revenue and Customs. AWS said it detected the issue during the first hours of Monday morning. By 5:27 a.m. EST it said that most services had been restored. Affected companies also included the Amazon.com storefront, Disney+, Ring doorbells, Venmo, McDonald’s and encrypted chat app Signal.
Amazon localized the failure to DNS resolution of the DynamoDB API endpoint in the cluster of data centers located in Northern Virginia, an area with the world’s largest concentration of cloud infrastructures (see: US NTIA Probes Data Center Security Risks).
It later said the root cause was in an internal subsystem responsible for monitoring network load balancers. “We are throttling requests for new EC2 instance launches to aid recovery and actively working on mitigations,” AWS said. It recommended companies still experiencing issues resolving DynamoDB, which is Amazon’s managed NoSQL database, to flush the DNS cache.
AWS is one of a handful of hyperscaler global cloud computing providers alongside Google and Microsoft. Its share of the infrastructure-as-a-service market outclasses any competitor, with roughly a 38% market share – more than Microsoft and Google, combined – research firm Gartner found earlier this year.
That level of concentration means any AWS outage can cascade across the internet. “My robot vacuum cleaner no longer works – can someone explain why a robot in Paris is linked to US-East? Talk about European digital sovereignty,” said Ulrike Franke, a senior policy tech policy fellow at the European Council on Foreign Relations.
German tech entrepreneur Stefan Gogol described Monday’s outage as a “digital equivalent of a metropolis losing power.”
“Despite AWS’s assurances of resilience, this highlights how centralization breeds vulnerability,” Gogol said.
An investigation by Democratic staff in the U.S. House of Representatives published in 2020 highlighted that dominant cloud providers take active steps to lock in customers including long-term contracts and fees for switching to another provider. A significant barrier is the technical hurdles to moving outsourced infrastructure from one provider to another. Businesses adapt by necessity to the unique technical frameworks through which cloud providers offer services, making vendor lock-in a default behavior, the report concluded.
Gartner predicted in late 2024 that global spending on cloud computing would reach $723 billion by the end of this year.
European customers of U.S. hyperscalers in particular have sought to reduce reliance on the big three providers. A French consultancy firm in April concluded that 80% of software and professional cloud service spending in Europe is spent with American companies at a cost of 265 billion euros annually.
A coalition of European tech CEOs and executives dubbed “EuroStack” is urging the European Union to adopt industrial policy that could create the conditions for the emergence of a continental tech industry equivalent to the United States. “We do not own the ‘kill switch’ and are vulnerable to various forms of vendor lock-ins,” a EuroStack white paper argues.
Earlier efforts to foster a European cloud with “European values” through a private-sector alliance called Gaia-X that had the support of national governments collapsed amid infighting. “There’s too many cooks in the kitchen,” a German cloud executive told Politico in 2021.