Subscribe
About
  • Home
  • /
  • Security
  • /
  • Recovering from Facebook’s six-hour blackout

Recovering from Facebook’s six-hour blackout

Staff Writer
By Staff Writer, ITWeb
Johannesburg, 08 Oct 2021
Sizwe Gwala
Sizwe Gwala

Monday, 5 October 2021 will be remembered as a catastrophe in the mobile applications space, when Facebook, WhatsApp and Instagram all went down at the same time.

The six-hour blackout not only rendered platforms inaccessible to end-users, it blocked staff’s access to the internal network.

“A preliminary internal investigation pointed to the origin being a faulty configuration change on the backbone routers which serve to coordinate network traffic between data centres,” says Dr Sizwe Gwala, enterprise data governance manager at Alexander Forbes, who is commenting in his personal capacity.

He says the disruption to network traffic had a cascading effect on how data centres interconnect, bringing all services to a complete halt. “Approximately 3.5 billion people were affected by this ordeal... An added impact is the fact that this platform is a conduit to accessing other integrated apps and services such as shopping Web sites, research hubs, and banking apps, to name a few,” he explains.

Facebook had two previous major outage incidents on 14 April 2019 and 14 March 2019, both attributed to technical errors. “However, the current incident is the most severe given the centralisation of its social media platforms.”

Platform centralisation

According to Gwala, data integration and platform centralisation is an effective way for organisations to derive value from their data and build a data-centric business. With a centralised strategy, Facebook has been able to build consolidated data profiles on all of its users, and as such, is better placed to craft direct and customer-specific marketing messages.

This approach, however, also places the organisation at risk, because a cyber attack in one business area can affect the entire ecosystem.This recent Facebook incident can be attributed to a distributed denial of service attack.

“These, and similar cyber attacks, are often made possible by various business system vulnerabilities including compromised credentials, weak and stolen credentials, malicious insiders, poor encryption and ransomware attacks, to name a few.”

In hot water

Gwala says this blunder comes at a time when Facebook is already in hot water as it grapples with the massive exposure of its inner workings through numerous data leaks by a former employee coming to the fore as a whistle-blower.

“Frances Haugen, a former Facebook data scientist, exposed sensitive information detailing how the company prioritises profit over public safety, to the extent of altering or blocking publication of research contrary to its strategies,” he explains.

“Not only have recent events impacted the company share price, they further have had an impact on planned and current products and services, such as the Instagram for Kids App,” says Gwala.

This due to a leaked report detailing, among other things, that one in three teenage girls believe that Instagram heightens their body image issues, and some teenagers drawing direct correlations between suicidal thoughts and the app, he adds.

Remedying the current crisis

According to Gwala, there are several measures that Facebook and other mobile app businesses ought to consider to improve their online operations.

“As a first step the company ought to reconsider its communication strategy and prioritise transparency by sharing as much credible information as possible, while also appearing to be prioritising its customer’s livelihoods over profit.”

Other controls, says Gwala, include the embedment of a two-factor authentication system for accessing customer profiles; tracing password hygiene and use to identify high risk users; keeping an eye out for disgruntled users; and putting procedures and systems in place for tightening the configuration process. Finally they should use automation wherever possible.

Share