Azure Outage: The Risks of Cloud Infrastructure Reliance

Just a week after a devastating AWS outage brought operations to a halt for millions of users and thousands of businesses worldwide, Microsoft is now hitting headlines for similar reasons.

Azure’s latest outage has, once again, exposed the inherent vulnerabilities of a hyperconnected digital ecosystem. 

Household names impacted in this outage include Asda, M&S, O2, Starbucks, Kroger, Alaska Airlines and Heathrow Airport thanks to Domain Name System (DNS) issues: the same cause at the root of AWS’ outage last week.

The incident lasted more than eight hours.

For many – whether businesses or individuals – the disruption shows a growing dependence on a handful of global cloud platforms that serve as the backbone for services ranging from communications to transaction processing and essential productivity tools.

The latest outage – impacting critical sectors like travel and even gaming – reinforces urgent calls for greater cyber resilience and digital sovereignty in today’s economy following AWS’ disruption last week.

The ‘digital pandemic’ effect

Chris Dimitriadis, Chief Global Strategy Officer of ISACA – an international professional association focused on IT governance – says the Azure crisis is part of a wider pattern that he calls a “digital pandemic.” 

“When the CrowdStrike outage hit last year, I coined the term ‘digital pandemic’ –  where a single point of failure in the technology ecosystem can cause ripple effects across multiple industries,” he says.

“More than a year later, we are witnessing recurrent widespread outages, like the Microsoft Azure outage and the disruption to Amazon Web Services. Both incidents impacted critical sectors including communications, retail and workplace productivity tools worldwide.

“It’s yet another stark warning of how interconnected and fragile our digital world has become.”

Chris’ core message is clear: “Organisations are now at a crossroads as today we may have faced a bug in the system, tomorrow attackers may be able to exploit this fragility and cause massive impact. 

“By weaponising AI, hacking will become mainstream, identifying weaknesses and orchestrating an attack to exploit them permitting anyone to launch an attack at the speed of intent.”

Azure’s outage: The ripple effect

Azure’s outage – like those of other major providers – has shown just how swiftly one fault can immobilise global commerce and connectivity. 

Raphael Auphan, COO at Proton, stresses the gravity of widespread dependence on just a few vendors.

He says: “For the second time in two weeks, we've seen a massive portion of the internet taken offline thanks to the mistakes of a solitary tech giant. 

“As if we needed reminding, this is further proof that relying on a handful of major cloud providers creates serious vulnerabilities across the internet and puts whole economies at risk in the process.

“Just like the AWS outage last week, Azure’s latest failure showed how easily the ripples from an outage can spread globally and highlighted the danger of our global dependence on US technology. 

“Simply put, when the whole world relies on tech from a tiny number of companies, from one country, then the whole world is vulnerable. 

“The only answer for the UK, Europe and elsewhere is to prioritise digital sovereignty – in other words, to develop their own native services. We need to stand on our own two feet if we're going to have any chance in the future."

The need for greater cyber resilience

The urgency for cyber resilience and supply chain protection is no longer theoretical. 

Because of this, Chris urges immediate action.

“We must act now to embed cyber resilience into the very fabric of our digital infrastructure. That means investing in education, training and building a larger, better-equipped army of cybersecurity professionals who can envelope our supply chains in resilience.

This point is echoed by Mark Odom, Senior Solutions Engineer at Black Duck, who adds: “This story highlights the importance of ‘don’t put all your eggs in one basket’.

“Similar to how these large providers plan for the possibility of regional/physical failures by placing data centres in different locations around the world, another consideration should involve the possibility of provider failure. 

“Important services should use automatic failover to ensure business continuity in the event that their providers experience an outage.

“With technology so heavily relied upon in our society, it’s critical to keep disaster recovery plans fluid and dynamic.”

Jamie Beckland, CPO at APIContext, continues: “We saw a number of the Fortune 500 impacted by this outage within minutes of the Azure issues commencing.

“Companies know that it's essential to failover gracefully and have multi-cloud infrastructure. Even the best-performing platforms in the world have issues. 

“But too often, operational resiliency is treated as a nice-to-have or an afterthought. Continuous monitoring of your vendors and critical third parties is essential to hold them accountable for delivering as expected.”