AWS Outage: A Cybercriminal's Playground
Last month, Amazon Web Services (AWS) experienced one of the most disruptive cloud outages in recent memory. Affecting thousands of companies and millions of users globally, the incident exposed the fragility of our cloud-dependent infrastructure—and opened the door for cybercriminals to exploit the chaos.
The outage originated in AWS’s US-EAST-1 region, a critical hub in Northern Virginia. A failure in DNS resolution, the system that translates web addresses (www.findmehere...) into IP addresses (numerical identifiers), caused cascading disruptions across services. Even applications hosted outside the region were affected due to their reliance on shared endpoints.
To put it simply, DNS is like the internet’s phone book. If it fails, services can’t “call” the databases they need, even if those databases are functioning. This single point of failure rippled across the digital ecosystem.
According to Downdetector, over 16 million outage reports were logged across more than 60 countries. Platforms like Snapchat, Roblox, and Amazon retail were among the hardest hit. The outage disrupted banking apps, streaming services, smart home devices, government portals and hospital systems. Experts estimate the economic impact could reach hundreds of billions of dollars, factoring in lost productivity and halted transactions.
The Cloud’s Double-Edged Sword
Cloud computing has revolutionised business operations, enabling scalability, speed, and cost-efficiency. But as this outage showed, centralisation comes with risks. When a dominant provider like AWS fails, the consequences are global. The incident reignited concerns about the monopoly held by AWS, Microsoft Azure, and Google Cloud, which together control over 80% of the cloud market.
As AI-native applications become more common, the risks compound: these applications often rely on cloud infrastructure, creating a double exposure. If either fails, the entire system collapses. Experts warn that future outages could be even more severe.
Cybercriminals Exploit the Confusion
While AWS engineers worked to restore services, cybercriminals seized the moment. Outages create a “perfect storm” for social engineering attacks, preying on user confusion and anxiety.
When apps stop working, users may wonder if they’ve been hacked or if their data is at risk. Cybercriminals exploit this doubt. Fake emails and texts impersonating AWS, banks, or familiar apps offer “fixes” or warn of “security breaches.” These messages often link to phishing sites or prompt users to reset passwords—handing credentials to attackers.
Some scams lead to Authorised Push Payment (APP) fraud, where victims are tricked into transferring money under false pretences, often by fraudsters posing as bank staff.
Staying Safe During Outages
To protect yourself:
- Don’t click on unsolicited links.
- Verify alerts through official apps or websites.
- Use strong passwords and enable multi-factor authentication.
- Delay sensitive actions until services are confirmed restored.
- Monitor accounts for unusual activity.
- Most importantly, take a breath, Take Five To Stop Fraud, and think through sensible next steps.
- If you’re in the UK and you receive an unsolicited call from your bank, hang up and call 159.
Experts also recommend having backup systems, like secondary email accounts or offline storage, to maintain access during disruptions.
A Wake-up Call
The AWS outage is more than a technical glitch—it’s a warning. It highlights the fragility of centralised infrastructure, the need for cloud diversification, greater resilience surrounding our fraud protection measures, and the importance of cybersecurity awareness. As cloud and AI technologies evolve, so too will the tactics of cybercriminals. Outages may be inevitable—but falling victim to scams doesn’t have to be. To find out more about protecting your customers from scammers, contact our team today.
Our Network API solutions are helping to protect consumers from APP fraud and social engineering attacks through strategic partnerships with mobile network operators and the financial services industry.
