Facebook is down, along with Instagram, WhatsApp, Messenger, and Oculus VR

News Insights:

Bill Lawrence, CISO, SecurityGate:    “Outages like this show that, for all that was learned since the DDoS attack on Dyn in October of 2016, five years later the Internet remains fragile when services like DNS get interrupted for some reason.  It will be interesting to see what caused this lingering outage to several jewels in the Facebook family.”

Saryu Nayyar, CEO, Gurucul (she/her):    “As more facts about Facebook and its business practices become public, its users’ anger seems to be on the rise.  If they are attackers, they respond by attacking – in this case, possibly a DDoS attack that flooded the company’s DNS server. This isn’t the first time there has been a massive DNS attack; in 2016, DDoS attacks on October 21, 2016, targeting systems operated by DNS provider Dyn took down hundreds of companies.  Many large organizations guard against the loss of their DNS by maintaining multiple DNS systems across different DNS providers.  While the cause of Facebook’s problem isn’t yet clear, it would be amazing if they hadn’t already set up multiple DNS providers.”

Julian Dunn, director of product marketing at PagerDuty: “Outages like Facebook and Instagram mean big money for companies. Some companies are estimated to lose nearly five million dollars for every hour of the outage to their website. Although multi-hour outages are relatively rare, even short ones — 15 minutes or half an hour — have an outsized impact, as impatient consumers are all too eager to leave a down site and go elsewhere. Plus, there’s a huge effect on the IT and developer teams that keep the systems running the sites we visit every day. We are seeing technical teams working extra hours which is contributing to the Great Resignation every company is experiencing right now.”

Ron Bradley, VP, Shared Assessments: “The Human Element is the Most Vulnerable Element. While it’s too soon to confirm, it’s widely believed the recent outage on Facebook was related to DNS configurations and/or BGP routes, so what does this mean?  DNS stands for domain name service and BGP is the border gateway protocol. Think of it this way. When you want to get driving directions to your favorite restaurant you may or may not know the address (DNS), but that’s ok, because the address is static and not likely to change. You then rely on your smart device to get directions (BGP) with the fastest route for you. The same is true for Internet traffic. How does this relate back to Facebook and the human element? Business computer “street addresses” rarely (if ever) change, especially on the global scale of Facebook. Millions of users asked their phone or computer to take them to Facebook, and the route was unknown, too busy, or inaccessible (happens all the time in L.A., traffic there is brutal). DNS servers and BGP routers are closely guarded assets due to their criticality. Imagine closing down the Golden Gate bridge or the Lincoln tunnel during rush hour. Internet routers, switches, firewalls, and DNS servers don’t change configuration without human action. Whether it was intentional or accidental, internal or external, the fact remains it was a major outage and I’m certain Facebook is deep in the throes of a root cause analysis.”