On October 4, 2021, the global social network Facebook and its associated platforms faced a global outage that lasted approximately six hours. This outage not only impacted all Facebook users, but it also blocked internal communication between its employees and made it difficult to resolve the incident.
Although misinformation on social media theorized that they had been compromised, the social media corporation has confirmed that a Border Gateway Protocol (BGP) update caused the massive service interruption.
What caused the Facebook outage?
All websites rely on a Border Gateway Protocol to make its network visible to the rest of the internet and an Autonomous System Number (ASN) to help them reach specific IP address groups in order for users to access the website.
With this incident, a BGP update changed Facebook’s internal configurations, and the social network was no longer transmitting the prompt codes necessary for users to access the website. These changes did not allow Facebook’s DNS to resolve domain names and caused an outage for all users. Although other Facebook IP addresses were still accessible, they needed Facebook’s DNS to function, and these services also practically were offline.
#Facebook has confirmed that a Border Gateway Protocol (BGP) update caused the massive service interruption that hit their platforms on October 4, 2021. #CyberSecurity
Because websites as large as Facebook and Instagram have DNS resolvers that handle up to 30 times more queries than usual, this caused a cascading disruption to network traffic and on how Facebook’s data centers around the world. Facebook employees struggled to access company buildings and conference rooms during the outage, and the company had to dispatch engineers to the data center to resolve their network issues.
At the time of publication, Facebook’s services are back up and running, and there is no security risk for any of the social media platforms’ users.
For more in-depth information about the outage, please visit the following links:
This post was based off a threat advisory issued by our SKOUT Managed XDR team. For more info on how to best prepare your MSP business to protect clients from cyberthreats, visit the Barracuda SKOUT Managed XDR page.