No, the Recent Cloudflare Outage Was Not a Cyberattack

A large-scale downing of websites across the Internet initially looked like a cyberattack, but it was really just a minor malfunction with one of the world's largest Web infrastructure providers.

the Cloudflare logo
Shutterstock/Sundry Photography
Websites all across the Internet became suddenly unavailable over the weekend, including prominent news and consumer sites like Politico and Shopify

While it may have seemed like the start of that "Cyber Pearl Harbor" we've all heard so much about, the reality is that the outages were the result of a processing error involving Cloudflare, the large Web infrastructure provider that powers pages across the Internet, including many government sites. 

The company was quick to clarify that the outage was not a cyberattack. Rather, it was a malfunction of its domain name system (DNS), which connects IP addresses to Internet domain names (like Govtech.com, for instance). In this case, an accidental configuration of a network "backbone" (an interconnective section of a network that links its disparate parts) sent an overload of traffic to one of the company's routers in Atlanta, which overwhelmed it and caused disruptions to network locations connected to the "backbone" throughout the world, according to the company. 

"Today a configuration error in our backbone network caused an outage for Internet properties and Cloudflare services that lasted 27 minutes. We saw traffic drop by about 50% across our network," wrote John Graham-Cummings, a company employee, on the Cloudflare blog


The outages occurred in cities all over the world, including "San Jose, Dallas, Seattle, Los Angeles, Chicago, Washington, DC, Richmond, Newark, Atlanta, London, Amsterdam, Frankfurt, Paris, Stockholm, Moscow, St. Petersburg, São Paulo, Curitiba, and Porto Alegre. Other locations continued to operate normally," said Cummings. 

Incidents like this are not uncommon, and can sometimes resemble a distributed denial of service (DDoS) attack. A much smaller version of what happened this weekend happened to the Michigan state network last year, prompting some to think a cyberattack had occurred.  

Lucas Ropek is a former staff writer for Government Technology.