Yesterday, Facebook and Instagram suffered from a worldwide outage, along with Messenger and fellow messaging service WhatsApp. All owned by Facebook, Inc.
The outage is the biggest DDoS attack recorded in history.
How did this happen?
At approximately 11:39 a.m. ET (15:39 UTC), someone at Facebook caused an update to be made to the company’s Border Gateway Protocol (BGP) records.
This is to say Facebook took away the map telling the world’s computers how to find its various online properties. As a result, when one types Facebook.com into a web browser, the browser has no idea where to find Facebook.com, and so returns an error page.
How does a DDoS attack look like?
In his project on Education Ecosystem, Nikos Tsiougkranas explains that DDoS (Distributed Denial-of-Service) attack, where attackers basically pool together tons of computing resources and use them to generate tons of traffic to a website. If they’ve got enough power, the website will go down — and that’s very likely what’s happened with Is It Down Right Now, except instead of malicious hackers, it’s half the internet accidentally overwhelming the service through sheer combined will. This is probably what happens when Facebook’s status page goes down along with the rest of its services.
What were the cascading effects worldwide?
When such a huge platform like Facebook drops off the internet, there are massive knock-on effects. For instance; Cloudflare, a company that runs a DNS service reported that it had to mobilize extra resources to keep up with the traffic of people trying to load Facebook, Instagram, and WhatsApp over and over.
John Graham-Cumming, Cloudfare CTO tweeted that “Cloudflare runs a free DNS resolver, 18.104.22.168, and lots of people use it. So Facebook etc. are down… guess what happens? People keep retrying. Software keeps retrying. We get hit by a massive flood of DNS traffic asking for http://facebook.com
How did Facebook react?
The latest information provided by the Facebook engineering team on the outage says; “Our engineering teams have learned that configuration changes on the backbone routers that coordinate network traffic between our data centers caused issues that interrupted this communication. This disruption to network traffic had a cascading effect on the way our data centers communicate, bringing our services to a halt.”
Was user data compromised?
While an outage of this magnitude is likely to open opportunities for user data compromise, Facebook has reported that there is no evidence of such. In their latest statement, they say; “Our services are now back online and we’re actively working to fully return them to regular operations. We want to make clear that there was no malicious activity behind this outage — its root cause was a faulty configuration change on our end. We also have no evidence that user data was compromised as a result of this downtime.”