October 20, 2025

expert reaction to Amazon internet services outage

Scientists comment on an Amazon internet services outage affecting many websites and apps.

Dr Graeme Bragg, Computer networking expert, University of Southampton, said:

“This morning an issue affecting Amazon’s US East caused significant disruption, with the underlying cause attributed to a problem with DNS – the ‘phone book’ of the internet that helps computers find each other.

“This has affected lots of services hosted in different regions because Amazon host a lot of their management infrastructure that other services depend on in that region. This is a significant outage because of how many companies rely on Amazon and the global scale of the impact.

“The underlying issue has now been resolved but it will take some time to propagate across the internet. Amazon’s servers also have a backlog of requests to work through, so it’s likely that we will see some disruption for the rest of the day.”

Dr Soohyun Jeon, Assistant professor/Lecturer in Operation and Information Systems Management, Brunel University of London, said:

“The outage currently affecting Amazon Web Services (AWS) represents a major disruption to one of the world’s most critical pieces of digital infrastructure. Early reports indicate that the issue originated in AWS’s US-East-1 region (N. Virginia), which underpins a wide range of global operations. Amazon has acknowledged increased error rates and latency across multiple services, and while mitigation steps are under way, the backlog of queued requests means users are likely to experience intermittent disruption for some time.

“Although the precise root cause has not been fully confirmed, AWS has pointed to a technical fault involving the DNS resolution of its DynamoDB API endpoint rather than any evidence of a cyberattack. This kind of configuration-level failure, while not unusual in large-scale distributed systems, can cascade rapidly because so many online services rely on shared cloud infrastructure. What begins as a localized fault can therefore manifest globally within minutes, impacting platforms ranging from gaming and social media to banking, telecommunications, and government portals.

“The scale of this incident highlights the deep interdependence that defines today’s digital ecosystem. AWS is a core provider of “invisible” infrastructure; many users are unaware that their apps, payment systems, or even smart devices depend on its services. When such a backbone fails, the effects ripple widely — not only technically, but economically and reputationally, as downtime translates directly into lost transactions and consumer trust.

“This event serves as a timely reminder for both private and public organisations to strengthen resilience and continuity planning. Reliance on a single cloud region or provider introduces concentration risk, which can be mitigated through multi-cloud or multi-region redundancy strategies. It also underscores the importance of transparency and shared responsibility in cloud governance.

“While full service restoration is expected within hours rather than days, the broader lesson is that digital resilience depends not just on rapid technical recovery, but on strategic preparedness for inevitable disruptions in an increasingly interconnected infrastructure.”

Professor Oli Buckley, an expert in Cyber Security at Loughborough University, said:

“What we’re seeing this morning is a major outage at AWS, centred on the US-EAST-1 region in Virginia, which has spread out across the globe, impacting a lot of different websites, apps and services that we rely on. 

“What we know so far: AWS’s status update mentions “increased error rates and latency” for multiple services in that region, this is pretty much shorthand for ‘requests are failing or taking too long’. To put it more succinctly it means that anything built on top of that service starts to wobble. The problem that we’re seeing now is the realisation of just how big AWS in terms of the services it supports – people are quickly learning that Amazon is more than just shopping and streaming movies. A wide range of platforms, from social apps like Snapchat, gaming services like Fortnite, voice assistants such as Alexa, and even banking/login services in the UK, have reported disruptions.  

“What we don’t yet know: The exact root cause remains unconfirmed publicly, though reporting suggests the problem may involve DNS resolution of the DynamoDB API endpoint in US-EAST-1. DNS is essentially a phone book for the internet, it tells devices where they need to go to find a particular service. When this happens it hits thousands of systems that rely on it, and they can’t find the right server. Ultimately this means that they slow down as they try to locate it, and eventually just stop trying. 

“It’s hard to say how long the full restoration will take or how many downstream services will face lingering impact. What we can say is that it is unlikely to be resolved by the simple flick of a switch, I don’t think turning it on and off is going to cut it here! Once AWS resolves the issue we also need to the ripples across the internet to calm down, as everyone else tries to get themselves back online. 

“How long services might be affected: In past incidents of this scale in the US-EAST-1 region, recovery has taken a few hours, but “few hours” doesn’t always mean “everything back to normal”, we can also see residual delays, access issues and flaky performance may persist while things work themselves out. 

“How significant is it? This outage is extremely significant because AWS is a backbone for much of the internet’s infrastructure, it’s a really stark reminder of how many well known services rely on a handful of providers and services themselves. For example, CloudFlare had a couple of outages in the last few years that cascaded through the internet making a variety of things unavailable. When a core region of such a big service falters, the knock-on effect is broad, consumer apps, enterprise systems, even banking and national services may feel the impact. There’s nothing to suggest this is any kind of attack, in fact it feels like a regular operational outage at the moment. It does serve as an excellent reminder that these things can impact even the biggest tech companies in the world, and contingency planning is really important (even if it’s less sexy and exciting than cyber attacks, espionage and intrigue). It’s a reminder that we need to think about resilience, and not just defences; systems still need to be able to recover quickly, communicate clearly and keep the essential services running. 

“Other comments of relevance:

• This is a strong reminder of the single-point-of-failure risk: when many services rely on one cloud region or one provider, an outage there impacts them all.
• Organisations should use this moment to reflect on fail-over and resilience strategies (e.g., multi-region/cloud architecture, backups, manual fallback procedures).
• For individual users, the take-away is simpler. If an app or service you use is down, it may well be because the infrastructure is impacted, it doesn’t always mean your device or account has been compromised.
• And finally: while speculation about malicious intent is tempting, we should wait for verified information. Premature blame or panic doesn’t help, clarity and calm do.

“In short: yes, this is a big deal; yes, we should take notice; but also: no, this is not a reason to cancel your cloud migration plans overnight. It is, however, a reason to check how resilient your systems really are.”

Dr. Nura Abubakar, Modelling & Simulation Group, Computer Science Department, Brunel University of London, said:

What do we know about the situation right now?

“Amazon Web Services experienced a significant outage beginning at approximately 8 AM UK time on Monday, October 20, 2025. It affects dozens of popular websites and applications worldwide. The disruption has impacted major platforms, including Snapchat, Roblox, Fortnite, Coinbase, Duolingo, Ring, and banking services. AWS reported seeing “significant signs of recovery” as of 5:27 AM ET, with most requests now succeeding. However, they continue working through a backlog of queued requests.”

How significant is this outage?

“This is a highly significant disruption. AWS holds a 30% market share of the global cloud infrastructure market with more than four million customers, reports CNN Business. This represents the first major internet disruption since last year’s CrowdStrike malfunction that affected hospitals, banks, and airports. The cascading impact demonstrates how interconnected modern business systems have become. AWS’s core services provide database and computing power that thousands of companies rent to run their applications. The outage affected not just commercial services but also critical infrastructure, including UK government services like HMRC, banking services, and telecommunications providers, Euronews. This highlights how dependent global digital infrastructure has become on a small number of cloud providers.”

Do we know what might have caused this outage?

“According to AWS’s official status page, the problem originated from issues with DynamoDB, a database management system, in the US-EAST-1 Region located in northern Virginia. Amazon Web Services outage takes leading websites offline. AWS confirmed they identified a potential root cause and stated they are “working on multiple parallel paths to accelerate recovery”. The issue is related to DNS resolution of the DynamoDB API endpoint. It is a problem between the domain name servers and the interface connecting clients to servers.”

How long might services be affected for?

While AWS first reported the problem at 12:11 AM PT (3:11 AM ET), significant recovery began around 5:27 AM ET (10:27 AM UK). Many services are returning to normal operation, though some platforms continue experiencing residual issues. AWS has not provided a definitive timeline for complete restoration, but the trend suggests most services should be fully operational within hours.”

What is AWS?

“Amazon Web Services (AWS) is Amazon’s internet-based cloud service that connects businesses to people using their apps or online platforms. Businesses using AWS pay a subscription fee to enable reliable online communication between companies and their customers. AWS is a cloud computing platform that provides backend IT infrastructure, including data storage, computing, databases, and artificial intelligence services to paying customers. It allows companies to run their websites and applications without building their own physical data centres.”

Additional context:

“The issue centred on AWS’s US-EAST-1 region, but the scale of disruption shows how heavily businesses worldwide rely on a small number of cloud providers for critical operations. This incident serves as a reminder about the importance of redundancy and diversification in cloud infrastructure strategies.”

Dr Sadaf Hina, Lecturer of Cybersecurity, The University of Salford said:

“Such a large-scale technical outage could stem from various causes, including system misconfigurations, a failed update or patch, DNS (as Lee mentioned) hardware malfunction, or even a potential service exploit. However, these remain assumptions until formally confirmed by AWS.

“Earlier today, I personally experienced issues with Life360, which stopped functioning properly. After searching online for updates, I found no official explanation at the time, and the app continues to malfunction. This is just one example. Millions of users and businesses worldwide are being affected by this outage. Unfortunately, such incidents often create opportunities for scammers and social engineers to launch phishing campaigns, exploiting users’ confusion and urgency.

“It’s therefore essential for organisations to proactively raise awareness through internal and external communications, advising users to remain cautious of unsolicited emails or links claiming to offer “fixes” or “updates” related to the outage. Clear, timely communication can significantly reduce the risk of secondary cyberattacks triggered by such large-scale disruptions.”

Prof Jon Crowcroft FRS FREng, Marconi Professor of Communications Systems, University of Cambridge, said:

“One interesting challenge is that the back channels a lot of tech people use to communicate information/tech details about ongoing outages are also taken down by this outage – hence our usual ways of learning (e.g. via signal or slack) are both currently stymied by the AWS outage.”

Dr Saqib Kakvi, from the Department of Information Security at Royal Holloway, University of London, said:

“At 6.56am UTC (0756 BST) AWS started to receive issue reports from users and within a few hours more than 500 companies were reporting errors.

“The issue is rooted in the DynamoDB service in Amazon’s US-EAST-1 region. The exact nature of the fault is currently not publicly available, but AWS reports they are working to repair it.

“The most likely mitigations are distributing the load to the three remaining US Regions or even further to the two Canadian Regions and the eight European Regions.

“Another option is to start up backup hardware in the US-EAST-1 region with a known working configuration as the faulty versions are repaired. It would be likely that full service will resume by EOD.”

Rimesh Patel, IET member and Independent Cyber Specialist said:

“This major online outage underscores a stark reality: Business operations associated with one critical vendor in a region can cascade into global instability. What began as a service interruption has rippled outward, potentially compromising key systems at the very start of the business week – an illustration of how supply chain and infrastructure resiliency must be front of mind for every organisation. Amazon has reportedly committed full resources to restoring affected services, but in the interim the burden falls to other organisations to mobilise rapid responses, isolate impacts, and limit service degradation wherever possible.”

Prof Alan Woodward, Visiting Professor of Computing, University of Surrey, said:

“Although we don’t yet know the exact cause of the outage at AWS history suggests it will be something relatively simple like a misconfiguration in DNS or BGP. Once these errors propagate across the Internet it takes a while for the update to reach the far corners of the Internet so the outage can appear longer than you might expect for such minor errors. 

“What this episode has highlighted is just how interdependent our infrastructure is. So many online services rely upon third parties for their physical infrastructure, and this shows that problems can occur in even the largest of those third-party providers. Small errors, often human made, can have widespread and significant impact.”

Patrick Burgess of BCS, The Chartered Institute for IT said:

“It appears the issue has emerged from one of Amazon’s US East data centres, resulting in errors across a range of services. At this stage there’s no indication of any cyber-related cause; it looks to be a technical fault. Given the scale of Amazon Web Services, which supports much of the world’s digital infrastructure, it’s not unusual for incidents like this to have a broad impact.

“Amazon tends to be transparent and proactive when resolving outages, so we can expect further updates and a swift resolution. This does, however, highlight how interconnected and reliant our everyday digital services have become on a small number of global cloud providers. Building resilience and ensuring diversity across these systems is essential to maintaining trust and continuity in our digital economy.

“That resilience ultimately depends on skilled, ethical IT professionals who design, maintain and protect the systems we rely on every day.”

Prof Nishanth Sastry, Director of Research, Department of Computer Science, University of Surrey, said:

“The issue seems to be a failure of DynamoDB. More specifically, increased errors which is causing things to spiral out and nothing works on US-east-1). The recovery should be soonish, as the severity has been upgraded from “Disrupted” to “Degraded” about a minute ago, with the message “Oct 20 2:27 AM PDT We are seeing significant signs of recovery. Most requests should now be succeeding. We continue to work through a backlog of queued requests. We will continue to provide additional information.”

“This is a significant outage that has affected many huge companies, well known brands that most of us know about and rely on. It also includes Amazon’s own services such as Alexa and home lighting systems, Ring Doorbell, etc.

“The main reason for this issue is that all these big companies have relied on just one service — AWS — without planning for redundancy, e.g., having a backup with Microsoft Azure cloud, rather than just AWS. Even within AWS, it appears that the errors are mostly concentrated in the US-East location in Virginia, so multi-region setups which includes backups in other AWS locations might be more resilient.

“We have all come to rely on Amazon cloud and it mostly operates without any errors (that are visible to the consumer), so when something extraordinary like this happens, we are all wrong footed.. A lesson for the future!”

Prof James Davenport, Hebron and Medlock Professor of Information Technology, University of Bath, said:

“It might seem surprising that UK-based companies are reliant on AWS in US-EAST-1 at all, but it is important to remember two things.

1. While AWS launched in 2006, its first explicitly UK ‘region’ EU-WEST-2 didn’t start until December 2016. Hence anyone using AWS before 2016 would need to go back over all their system and explicitly restrict running to EU-WEST-2. Note that missing a part of the system will not stop the system working
2. A cloud deployment is a complicated piece of infrastructure with many components, some invisible. To give an analogy, we may insist on petrol-free food delivery. That might work for our delivery trucks, and even the trucks that deliver from the warehouse to your shop. But what about the snowplough the council uses to clear the road in winter? I have seen a list of 37 Amazon services that are impacted by US-EAST-1 (essentially AWS’ first region), less than half of which I even recognise.”

“Initially worrying to see that UK banks are affected by an outage which Amazon say is in US-EAST-1 region.

“UK Banks should be confining their usage to UK, or at least European regions, but it might be that they rely on some service that actually runs out of US-EAST-1.

“Obviously this is causing an impact now, but it might mean that some customer data is being handled in the U.S. or possibly that customer usage patterns, even if not actual banking data, can be inferred. We don’t know. 

“This would seem to indicate at least some unexpected dependency (easy enough to happen, but proper cloud auditing should have detected it if Lloyds itself is responsible – quite possibly a third-party dependency which Lloyds has not guarded against).  In any case, worrying.”

Konstantinos Mersinas PhD, Associate Professor, Information Security Group at Royal Holloway, University of London, said:

“At the moment, we do not have much more to report as we are waiting for evidence.

“Indeed, we are aware of the outage currently reported by AWS in the US-EAST-1 region, involving increased error rates and latency across multiple services. At this stage, the root cause remains under investigation.

“For now, there is no indication or evidence to suggest an attack or any particular motivation behind the incident. At the time of writing, no timeframe for resolution has been announced.

“Historically, such cloud outages can last a few hours for initial recovery. However, we can never exclude ‘black swan’ incidents; in this context, rare, unpredictable, and high-impact events.

“This indicates the cybersecurity mindset: we have to always expect the unexpected. Due to the fact that many major services and business applications rely on AWS infrastructure (particularly the US-EAST-1 region), the disruption is broadly significant, affecting consumer apps, enterprise services, and wider parts of the ecosystem.

The incident underscores the critical importance of focusing on both organisational and infrastructural cyber resilience.”

Dr Junade AIi, Software Engineer, Cyber expert and Fellow at the Institution of Engineering and Technology said:

“The large-scale outages of web services appears to have been caused by a major incident affecting one system in one Amazon Web Services data centre location. Amazon Web Services provide computing resources to other companies to use to develop their own projects, housed in various locations around the world. 

“So far, Amazon is reporting that the root cause appears to be an issue with one of the networking systems used to control a database product. As this issue can usually be resolved centrally, with multiple different options – unless there are further issues identified – the issue should be able to be mitigated over the coming hours.

“Single points of failure are a growing concern when it comes to the resilience of technical systems. This issue highlights the challenges with depending on single cloud computing regions from single cloud computing vendors and highlights the need for resilience to be built-in to essential services which people are expected to rely upon.” 

https://www.bbc.co.uk/news/live/c5y8k7k6v1rt 

Declared interests

Prof James Davenport: I am a customer of Lloyd’s bank

Dr Junade AIi: No conflicts of interest

Konstantinos Mersinas: No conflicts of interest

Prof Nishanth Sastry: No conflicts of interest

Rimesh Patel: No conflicts of interest

Dr Saqib Kakvi: No conflicts of interest

For all other experts, no reply to our request for DOIs was received.