
AWS, Middle East Escalation and a Very Real Reminder That the Internet Is Physical

Over the weekend something unusual happened.

The AWS Health Dashboard lit up with warnings across the Middle East regions, while at the very same time global news outlets were reporting escalating military action across the Gulf.

If you run infrastructure in the cloud, or even if you just assume “the cloud” is always there, this was a sobering moment.

Let’s unpack what actually happened.


What Amazon Web Services Said

According to the official AWS Service Health Dashboard:

“Objects struck the data centre, creating sparks and fire.”

That is not typical outage language.

AWS reported that two Availability Zones in the ME-CENTRAL-1 region were impaired due to a localized power issue. Power was shut off while emergency services responded, and recovery would require:

  • Repair of facilities
  • Restoration of cooling systems
  • Restoration of power systems
  • Coordination with local authorities
  • Safety assessments before re-energising the site

Customers were strongly advised to fail over to alternate regions, ideally in Europe.

This was not a minor API hiccup. EC2, S3, DynamoDB, the AWS Management Console and dozens of other services experienced elevated error rates.

The cloud, quite literally, caught fire.

Source: AWS Service Health Dashboard


At The Same Time… The World Was On Edge

Simultaneously, live coverage from BBC News reported dramatic escalation in the region:

  • Iranian strikes on a major gas plant in Qatar
  • A refinery fire in Saudi Arabia
  • Drones intercepted over Cyprus heading towards a UK base
  • Escalating conflict involving Israel, Lebanon and Iran
  • Reports that Iran’s Supreme Leader had been killed in US and Israeli strikes

Gas prices reportedly spiked sharply on international markets.

Source: BBC Live Coverage

AWS has not explicitly linked its data centre incident to military activity.

But when you read phrases like “objects struck the data centre” in the same time window as confirmed missile and drone activity across the Gulf, the coincidence is difficult to ignore.


The Myth of the Abstract Cloud

We talk about:

  • Serverless
  • Containers
  • Regions
  • Availability Zones
  • Multi-AZ architecture

All wonderfully abstract.

But this weekend was a reminder that the cloud is:

  • Concrete buildings
  • Power substations
  • Cooling plants
  • Diesel generators
  • Fibre routes
  • Security perimeters

Remove electricity and you remove the cloud.

Damage cooling systems and you shut down racks.

If local authorities tell you to keep power off, your “infinite scalability” suddenly looks rather finite.


Why This Matters To You

If you deploy only in one region, you are accepting regional geopolitical risk whether you realise it or not.

AWS always recommends multi-AZ design. Many organisations stop there.

But this incident affected more than one Availability Zone in the same region. That is the critical detail.

Multi-region redundancy is no longer theoretical resilience planning. It is operational reality.

If your backups sit in the same geography as your primary systems, that is not true disaster recovery.
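The check described above can be run over an inventory of workloads. This is an added example, not code from the original post or from AWS: the workload names and inventory are constructed, and it assumes the prefix of an AWS region code (the "me" in me-central-1) is a good enough stand-in for geography.

```python
from dataclasses import dataclass, field

@dataclass
class Workload:
    name: str                 # hypothetical workload name
    primary_region: str
    azs: int                  # Availability Zones used in the primary region
    replica_regions: list = field(default_factory=list)  # regions you can fail over to
    backup_regions: list = field(default_factory=list)   # regions where backups are stored

def geography(region: str) -> str:
    """Assumption: the region code prefix names the geography ('me-central-1' -> 'me')."""
    return region.split("-", 1)[0]

def audit(w: Workload) -> list:
    """Findings for the failure mode in the post: the whole primary region goes dark."""
    findings = []
    home = geography(w.primary_region)
    if w.azs < 2:
        findings.append("single-AZ: one facility outage stops the workload")
    if not w.replica_regions:
        findings.append("no second region to fail over to")
    elif all(geography(r) == home for r in w.replica_regions):
        findings.append("every replica shares the primary's geography")
    if not w.backup_regions:
        findings.append("no backups recorded")
    elif all(geography(r) == home for r in w.backup_regions):
        findings.append("every backup shares the primary's geography")
    return findings

# Constructed inventory: real AWS region codes, made-up workloads.
INVENTORY = [
    Workload("billing-api", "me-central-1", 3, [], ["me-central-1"]),
    Workload("customer-portal", "me-central-1", 3, ["me-south-1"], ["me-south-1"]),
    Workload("payments", "me-central-1", 3, ["eu-west-1"], ["eu-central-1"]),
]

def report(inventory) -> dict:
    """Map each workload name to its list of findings (empty list means none)."""
    return {w.name: audit(w) for w in inventory}

if __name__ == "__main__":
    for name, findings in report(INVENTORY).items():
        print(name, "->", findings or "no findings for loss of the primary region")
```

All three workloads are multi-AZ, yet only the one with a replica and backups outside the Middle East comes back with no findings.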


The Bigger Lesson

We spend huge amounts of time worrying about:

  • Cyber attacks
  • Zero day exploits
  • Ransomware
  • Misconfigured S3 buckets

Yet physical risk is often treated as someone else’s problem.

This event shows that geopolitical instability can ripple directly into cloud availability.

Cloud providers are extraordinary at redundancy. But they are not immune to real world events.

When missiles fly and power grids are shut down, even hyperscale infrastructure feels it.


Final Thoughts From The Server Rack

I have long argued that we live in a world where digital and physical are inseparable.

This weekend was a perfect example.

A regional conflict.
Energy infrastructure under threat.
Data centres hit.
Gas markets spike.
APIs fail.

The internet is not floating in the ether. It is bolted to the floor.

If you are running production workloads, ask yourself one simple question:

If my region goes dark for 24 hours, what happens next?

If the answer is panic, then this weekend was your warning shot.

As ever, the smartest architecture is not the cleverest. It is the most resilient.

And resilience, increasingly, means geography.

Global Windows Crash Crisis: CrowdStrike Falcon Sensor Update “Defect” Disrupts Key Sectors Worldwide

Today, I’m addressing a significant issue affecting numerous Windows users worldwide. Reports have emerged of widespread crashes, commonly referred to as the “blue screen of death,” impacting various critical sectors, from transportation to banking and media.

I spoke with Sarah Julian at BBC Radio WM about the worldwide problems that continue to persist.

Understanding the Issue:

The root cause of these crashes has been traced back to an overnight software update for CrowdStrike’s Falcon Sensor. For those unfamiliar, Falcon Sensor is a security tool designed to act as a sentinel for your computer, monitoring and protecting against malicious activities. A single corrupted system file from this update is causing Windows systems to crash upon booting.

Why This Matters:

Windows holds a substantial market share, with 72% of global computers running this operating system. The automatic update to Falcon Sensor has inadvertently introduced a fault, leading to these severe crashes. The update, once applied, seems to corrupt system functionality, causing the dreaded blue screen on countless machines.

Impact Across Sectors:

The ripple effect of this issue is profound. The update has disrupted services across various sectors:

  • Transportation: Both train and plane operations have been hampered.
  • Banking: Financial institutions are facing operational challenges, with payment systems affected.
  • Media: Broadcast systems have been affected, causing interruptions, including Sky News and CBBC.
  • Healthcare: NHS GP surgery systems are impacted, with reports of doctors having to handwrite prescriptions.
  • Emergency Services: Even essential services like emergency call centres have not been spared.
  • Airports: Airports, including Birmingham Airport, have reported issues with check-in services, and operations at the Port of Dover are also impacted.

Al Lakhani, CEO of IDEE, said:

“Many people might be thanking Microsoft for their accidental day off, but countless businesses are suffering due to Microsoft’s and their partners’ failure to maintain their services. This incident underscores the importance of businesses thoroughly researching and vetting their cybersecurity solutions before implementation. Microsoft clearly fell short in this regard, and we are witnessing a cascade of operational failures around the world as a result.”

“CrowdStrike’s platform approach, which relies on a single agent focused on detection, might seem good at first glance, but as we can see, it can create significant issues. For instance, agents require installation and maintenance of software on multiple different OSes, adding layers of complexity and potential points of failure. Moreover, agents can become a single point of failure, as a bad update can compromise the entire network, as seen with the SolarWinds attack.

“The lesson here is blindingly obvious: investing in cybersecurity is not just about acquiring the latest or most popular tools but ensuring those tools are reliable and resilient. This is why businesses must prioritise agentless solutions like MFA 2.0, which reduce the risk of widespread failures and ensure more resilient defences.”

Cloudstrike Falcon Sensor Blue Screen of Death BSOD Global Outage

Current Status and Actions:

Microsoft has acknowledged the problem and stated that a fix is in place. However, this does not immediately rectify the situation for all affected devices. Many computers remain non-functional, and a manual fix may be required. One proposed solution involves removing the corrupted update link to restore system operations.

Security Concerns:

This incident raises critical questions about our reliance on third-party providers and the level of access they have to our systems. The Falcon Sensor update had kernel-level access, the deepest level of system access, which allowed it to cause such widespread disruption.

Tech Alert Windows Crashes Related to Falcon Server

Moving Forward:

As we navigate this challenging situation, it’s essential to stay informed and take proactive steps to secure our systems. Further updates will be provided as new information becomes available and solutions are implemented.

For now, if you’re experiencing issues, consult with your IT department or follow the suggested manual fix to remove the problematic update. Manual intervention is likely to be needed to address the corrupted system file causing the crashes. Stay vigilant and prioritise your system’s security.