Internet outages at HMRC, Halifax and Lloyds reported after AWS disruption

Disruption affecting Amazon Web Services led to a spike in reported outages across a wide range of internet services including those of HMRC, Halifax and Lloyds.

Downdetector, a website which tracks complaints about online services, showed a spike in reports on Monday morning, including more than 2,681 at Amazon Web Services (AWS) and 500 reports of issues for the HM Revenue & Customs (HMRC) website by 9am.

Other services showing a spike in reported outages included Snapchat, Slack and Ring.

Reported outages on Downdetector appeared to spike between 9am and 10am for most services, and then decline through Monday morning, with AWS stating at 10.27am it had seen “significant signs of recovery”.

AWS added at 11.35am that the “underlying DNS (domain name system) issue has been fully mitigated”.

Customers also reported an increase in outage reports at UK banks including Lloyds, Halifax, and Bank of Scotland – with 6,925 Downdetector outage reports at Lloyds at 9.31am.

An error message posted on Halifax’s website read: “Sorry, we’re unable to process your request at the moment. We’re currently having some technical problems.”

Professor Alan Woodward said history suggests the AWS outage will have been caused by “something relatively simple like a misconfiguration in DNS or BGP (border gateway protocol)”.

The visiting professor of computing at the University of Surrey said: “Once these errors propagate across the internet, it takes a while for the update to reach the far corners of the internet, so the outage can appear longer than you might expect for such minor errors.

“What this episode has highlighted is just how interdependent our infrastructure is. So many online services rely upon third parties for their physical infrastructure, and this shows that problems can occur in even the largest of those third-party providers.

“Small errors, often human made, can have widespread and significant impact.”

Professor Oli Buckley, an expert in cyber security at Loughborough University, said DNS is “essentially a phone book for the internet, it tells devices where they need to go to find a particular service”.

He added: “When this happens it hits thousands of systems that rely on it, and they can’t find the right server.

“Ultimately this means that they slow down as they try to locate it, and eventually just stop trying.”

Marijus Briedis, chief technology officer at NordVPN, said the outages highlighted “a serious issue with how some of the world’s biggest companies often rely on the same digital infrastructure, meaning that when one domino falls, they all do”.

Mr Briedis said: “From streaming services to online banking, so much of our digital life depends on just a few cloud providers. While Amazon Web Services might already have found the technical fault, this still provides a prime opportunity for hackers to look for vulnerabilities while defences may be down for affected companies.

“In the hours ahead, as AWS works to fix the issue, look out for potential phishing emails or messages that try to deceive you into clicking on malicious links or ask you to urgently change your details to protect your account. These could be attempts to infect your devices with malware or steal your data.”

A service health update by AWS posted at 10.01am stated the company had identified a potential root cause, adding: “Based on our investigation, the issue appears to be related to DNS resolution of the DynamoDB API endpoint in US-EAST-1.

“We are working on multiple parallel paths to accelerate recovery. This issue also affects other AWS Services in the US-EAST-1 Region.

“Global services or features that rely on US-EAST-1 endpoints such as IAM updates and DynamoDB Global tables may also be experiencing issues.”

A further update at 11.03am stated: “We continue to observe recovery across most of the affected AWS services.

“We can confirm global services and features that rely on US-EAST-1 have also recovered.”

AWS had previously said that its Amazon DynamoDB database service had been “degraded” and over 70 services had been “impacted” including Amazon CloudFront, AWS Config and AWS Security Token Service.

A spokesperson for VodafoneThree said: “Vodafone and Three networks are operating normally.

“Some customers may have difficulty accessing certain apps and websites due to a wider issue with Amazon Web Services (AWS). This is unrelated to our mobile networks. We are continuing to monitor the situation.”

AWS is the world’s largest cloud computing provider and offers a wide variety of services, including storage, databases, machine learning, and security tools.