{"id":3074,"date":"2025-12-18T15:46:43","date_gmt":"2025-12-18T14:46:43","guid":{"rendered":"https:\/\/riskstudio.com\/2025\/12\/18\/the-day-cloudflare-took-down-20-of-the-internet\/"},"modified":"2026-02-05T20:13:10","modified_gmt":"2026-02-05T19:13:10","slug":"the-day-cloudflare-took-down-20-of-the-internet","status":"publish","type":"post","link":"https:\/\/riskstudio.com\/en\/blog\/the-day-cloudflare-took-down-20-of-the-internet\/","title":{"rendered":"The day Cloudflare took down 20% of the Internet"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Introduction<\/h2>\n\n<p class=\"wp-block-paragraph\">What happens when one of the world&#8217;s largest cloud providers suddenly goes down? The recent <strong>Cloudflare outage<\/strong> showed that millions of websites, apps and services were unreachable within minutes. For organizations, this is not just a technical incident &#8211; it shows how vulnerable digital supply chains are. This type of outage affects business continuity, service delivery and compliance with relevant security standards such as ISO 27001, DORA and NIST.   <\/p>\n\n<h2 class=\"wp-block-heading\">How one outage brings down 20% of the Internet<\/h2>\n\n<p class=\"wp-block-paragraph\">Cloudflare handles about one-fifth of all global Internet traffic. During the outage, a fault in the edge network caused widespread outages of: <\/p>\n\n<ul class=\"wp-block-list\">\n<li>DNS Resolution<\/li>\n\n\n\n<li>CDN locations<\/li>\n\n\n\n<li>API traffic<\/li>\n\n\n\n<li>Connection routes between data centers<\/li>\n<\/ul>\n\n<p class=\"wp-block-paragraph\">Automatic reconnect-attempts caused traffic to skyrocket en masse, amplifying the problems. The result: a chain reaction throughout the Web. <\/p>\n\n<h2 class=\"wp-block-heading\">The hidden chain dependencies that surprise organizations<\/h2>\n\n<p class=\"wp-block-paragraph\">Many organizations use more vendors than they think. During major incidents, it turns out: <\/p>\n\n<ul class=\"wp-block-list\">\n<li>1 in 3 SaaS services use Cloudflare.<\/li>\n\n\n\n<li>On average, companies have <strong>200+ suppliers<\/strong>, half of which are unknown.<\/li>\n\n\n\n<li>59% lack insight into indirect (fourth) parties.<\/li>\n\n\n\n<li>2 in 3 organizations experience damage within an hour of a critical failure.<\/li>\n<\/ul>\n\n<p class=\"wp-block-paragraph\">When Cloudflare goes down, often dozens of vendors go down at once &#8211; including tools for HR, CRM, billing, analytics, identity, support or development.<\/p>\n\n<h2 class=\"wp-block-heading\">How this affects business processes<\/h2>\n\n<p class=\"wp-block-paragraph\">The impact is broader than just &#8220;website down.&#8221; Typical consequences: <\/p>\n\n<ul class=\"wp-block-list\">\n<li>Not logging into internal or client portals<\/li>\n\n\n\n<li>Stalled API integrations<\/li>\n\n\n\n<li>Unavailable SaaS systems<\/li>\n\n\n\n<li>Delays in transactions<\/li>\n\n\n\n<li>Communication outages (support, email, chatbots)<\/li>\n\n\n\n<li>Spikes in escalations and incident reports<\/li>\n<\/ul>\n\n<p class=\"wp-block-paragraph\">A failure at one cloud provider thus becomes a failure across your entire organization.<\/p>\n\n<h2 class=\"wp-block-heading\">What this says about digital resilience<\/h2>\n\n<p class=\"wp-block-paragraph\">Incidents such as the Cloudflare outage make it clear that:<\/p>\n\n<ol class=\"wp-block-list\">\n<li><strong>Single points of failure are still too often invisible<\/strong><br\/>DNS, CDN and hosting in particular overlap unnoticed in the chain.<\/li>\n\n\n\n<li><strong>Many suppliers depend on the same parent companies<\/strong><br\/>Legal ownership and infrastructure sharing more risk than expected.<\/li>\n\n\n\n<li><strong>Multi-cloud not always provides true redundancy<\/strong><br\/>Underlying services can still converge on the same infrastructure.<\/li>\n\n\n\n<li><strong>Regulations increasingly emphasize supply chain risks<\/strong><br\/>DORA, ISO 27001, SOC2, GDPR and NIST CSF require demonstrable understanding of dependencies.<\/li>\n<\/ol>\n\n<h2 class=\"wp-block-heading\">How RiskStudio helps during Cloudflare-like outages<\/h2>\n\n<p class=\"wp-block-paragraph\">RiskStudio gives organizations real-time visibility into their entire digital ecosystem, revealing the impact of a failure within seconds.<\/p>\n\n<h3 class=\"wp-block-heading\">What RiskStudio automatically maps<\/h3>\n\n<ul class=\"wp-block-list\">\n<li>All suppliers and <strong>indirect<\/strong> suppliers using Cloudflare<\/li>\n\n\n\n<li>Infrastructure overlap: DNS, CDN, hosting, cloud providers<\/li>\n\n\n\n<li>Jurisdiction &amp; legal ownership of suppliers<\/li>\n\n\n\n<li>Continuous monitoring of vendor cyber hygiene<\/li>\n\n\n\n<li>Impact of outages on business processes and internal systems<\/li>\n<\/ul>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"527\" src=\"https:\/\/riskstudio.com\/wp-content\/uploads\/2025\/12\/RiskStudio_Screenshot_supplier-1024x527.png\" alt=\"\" class=\"wp-image-2976\" srcset=\"https:\/\/riskstudio.com\/wp-content\/uploads\/2025\/12\/RiskStudio_Screenshot_supplier-1024x527.png 1024w, https:\/\/riskstudio.com\/wp-content\/uploads\/2025\/12\/RiskStudio_Screenshot_supplier-300x154.png 300w, https:\/\/riskstudio.com\/wp-content\/uploads\/2025\/12\/RiskStudio_Screenshot_supplier-768x395.png 768w, https:\/\/riskstudio.com\/wp-content\/uploads\/2025\/12\/RiskStudio_Screenshot_supplier-1536x790.png 1536w, https:\/\/riskstudio.com\/wp-content\/uploads\/2025\/12\/RiskStudio_Screenshot_supplier-2048x1053.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/div>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/riskstudio.com\/wp-content\/uploads\/2025\/12\/image-1.gif\" alt=\"\" class=\"wp-image-2975\"\/><\/figure>\n\n<h3 class=\"wp-block-heading\">Why this is critical<\/h3>\n\n<p class=\"wp-block-paragraph\">RiskStudio supports organizations in complying with best practices, including:<\/p>\n\n<ul class=\"wp-block-list\">\n<li>ISO 27001 (supplier relationships &amp; operational resilience)<\/li>\n\n\n\n<li>DORA (ICT third-party risk).<\/li>\n\n\n\n<li>NIST Cybersecurity Framework<\/li>\n\n\n\n<li>CIS Controls<\/li>\n\n\n\n<li>GDPR (data availability &amp; processors)<\/li>\n<\/ul>\n\n<p class=\"wp-block-paragraph\">No manual inventory. No guesswork.   <strong>Risk insight at the chain level &#8211; right when it matters.<\/strong><\/p>\n\n<h2 class=\"wp-block-heading\">Checklist: are you prepared for the next big cloud outage?<\/h2>\n\n<h3 class=\"wp-block-heading\">\u2714 Insight<\/h3>\n\n<ul class=\"wp-block-list\">\n<li>Overview of all suppliers<\/li>\n\n\n\n<li>Recognized fourth and fifth parties<\/li>\n\n\n\n<li>Infrastructure dependencies (DNS, CDN, cloud)<\/li>\n\n\n\n<li>Jurisdiction &amp; ownership<\/li>\n<\/ul>\n\n<h3 class=\"wp-block-heading\">\u2714 Monitoring<\/h3>\n\n<ul class=\"wp-block-list\">\n<li>Continuous monitoring of the supply chain<\/li>\n\n\n\n<li>Vulnerabilities &amp; CVEs<\/li>\n\n\n\n<li>Basic hygiene<\/li>\n\n\n\n<li>Expiring certificates<\/li>\n<\/ul>\n\n<h3 class=\"wp-block-heading\">\u2714 Action<\/h3>\n\n<ul class=\"wp-block-list\">\n<li>Clear escalation procedures<\/li>\n\n\n\n<li>Alternative routes or fallback mechanisms<\/li>\n\n\n\n<li>Be able to report quickly internally and externally<\/li>\n<\/ul>\n\n<h2 class=\"wp-block-heading\">Conclusion<\/h2>\n\n<p class=\"wp-block-paragraph\">The outage that knocked out 20% of the Internet shows how interdependent modern organizations are. The biggest risks are not in your own systems, but in the digital chain around them. With up-to-date insight, continuous monitoring and clarity about dependencies, you build true digital resilience.  <\/p>\n\n<p class=\"wp-block-paragraph\"><strong>Practical tip:<\/strong> Start with the top 10 most critical suppliers &#8211; and then discover your hidden chain with RiskStudio.<\/p>\n\n<p class=\"wp-block-paragraph\"><strong>Call-to-action:<\/strong><br\/>\ud83d\udc49 <em>Get insight into your organization&#8217;s digital supply chain in one minute with RiskStudio.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction What happens when one of the world&#8217;s largest cloud providers suddenly goes down? The recent Cloudflare outage showed that millions of websites, apps and &#8230; <a title=\"The day Cloudflare took down 20% of the Internet\" class=\"read-more\" href=\"https:\/\/riskstudio.com\/en\/blog\/the-day-cloudflare-took-down-20-of-the-internet\/\" aria-label=\"Read more about The day Cloudflare took down 20% of the Internet\">Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":3329,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[24],"tags":[30,31,29],"class_list":["post-3074","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-incident","tag-government","tag-healthcare","tag-municipality","resize-featured-image"],"_links":{"self":[{"href":"https:\/\/riskstudio.com\/en\/wp-json\/wp\/v2\/posts\/3074","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/riskstudio.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/riskstudio.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/riskstudio.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/riskstudio.com\/en\/wp-json\/wp\/v2\/comments?post=3074"}],"version-history":[{"count":1,"href":"https:\/\/riskstudio.com\/en\/wp-json\/wp\/v2\/posts\/3074\/revisions"}],"predecessor-version":[{"id":3077,"href":"https:\/\/riskstudio.com\/en\/wp-json\/wp\/v2\/posts\/3074\/revisions\/3077"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/riskstudio.com\/en\/wp-json\/wp\/v2\/media\/3329"}],"wp:attachment":[{"href":"https:\/\/riskstudio.com\/en\/wp-json\/wp\/v2\/media?parent=3074"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/riskstudio.com\/en\/wp-json\/wp\/v2\/categories?post=3074"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/riskstudio.com\/en\/wp-json\/wp\/v2\/tags?post=3074"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}