Cybersecurity News in Asia

What happened with Cloudflare?

By Victor Ng | Wednesday, November 19, 2025, 11:35 AM Asia/Singapore

For a couple of hours last night, every one out of 4 websites I tried to access showed an error page.

Millions of users worldwide trying to access many popular websites such as ChatGPT, X (formerly Twitter), Canva, and League of Legends, were unable to, when Cloudflare had an outage.

All these websites were functioning properly, but because they leveraged Cloudflare’s DNS services, users were not able to access these sites.

The services recovered subsequently, but this brings to light the importance of service resilience, availability and independence.

What happened
According to Oded Vanunu, Head of Vulnerability Research, Check Point Software: “Cloudflare provides DNS services, the mechanism that translates domain names into IP addresses. When this service is disrupted, browsers fail to resolve addresses, and connections to servers break.”

The result: many websites and services become inaccessible even if the servers themselves are operational.

“Beyond DNS, Cloudflare operates a CDN network that accelerates browsing by distributing content copies across servers closer to users,” he added.

“A CDN failure forces all requests to reach the original server, sometimes located far away geographically, which slows loading times and increases core infrastructure load.”

The repercussions

Graeme Stewart, head of public sector, Check Point Software, commented: “Cloudflare going down sits in the same pattern we saw with the recent AWS and Azure outages.

These platforms are vast, efficient and used by almost every part of modern life, he said. “The upside is obvious. Their scale keeps costs low, makes security tools more accessible and gives even small organizations the kind of performance that would once have been impossible.”

The downside is just as clear. “When a platform of this size slips, the impact spreads far and fast and everyone feels it at once.”

According to some research, Cloudflare has more than 20% of the global DNS market, powering access to one-third of the world’s 10,000 most popular sites.

Jake Moore, Global Security Advisor, ESET, added: “The outages we have witnessed the last few months have once again highlighted the reliance on these fragile networks. Companies are often forced to heavily rely on the likes of Cloudflare, Microsoft, and Amazon for hosting their websites and services as there aren’t many other options.”

Moore observed that the problems causing these outages have occurred due to DNS servers that are most likely overwhelmed: “The technology is based on an outdated, legacy network that redirects words in a web addresses into computer-friendly numbers. When this system fails, it catastrophically collapses and causes these outages. However, the problem is that this system cannot be replaced easily. It may sound risky but the major cloud providers actually have lots of impressive failsafes in place and usually provide more protection than the lesser well known cloud providers.”

What does that mean for government and public services?

Stewart said: “During today’s outage, news sites, payments, public information pages and community services all froze.”
That was not because any of these organizations failed on its own. It was because a single layer they all rely on stopped responding.
“People saw a simple error page, but the break reached into the systems that hold up essential services,” continued Stewart.

“From a cybersecurity view, this is the part that matters. Any platform that carries this much of the world’s traffic becomes a target.”

Possible exploits
He warned that even an accidental outage can create noise and uncertainty that attackers know how to exploit.

He explained: “If an incident of this scale were triggered deliberately, the disruption would spread across countries that use these platforms to communicate with the public and deliver basic services.”

With many organizations still running everything through one route with no meaningful backup, a failure along that route means there is no fallback.

“That is the weakness we keep seeing play out,” Stewart emphasized. “The internet was meant to be resilient through distribution, yet we have ended up concentrating huge amounts of global traffic into a handful of cloud providers.”

“Large platforms bring benefits, but events like today show the cost of that decision. Until there is real diversity and redundancy in the system, each outage will hit people harder than it should,” he warned.

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper

Middle-sidebar-banner

Case Studies

India’s WazirX strengthens governance and digital asset security
Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
Bangladesh LGED modernizes communication while addressing data security concerns
To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more
What AI worries keep members of the Association of Certified Fraud Examiners sleepless?
This case study examines how many anti-fraud professionals reported feeling underprepared to counter rising AI-driven …Read more
Meeting the business resilience challenges of digital transformation
Data proves to be key to driving secure and sustainable digital transformation in Southeast Asia.Read more

Bottom sidebar

Other News

Cohesity Collaborates with Google Cloud to Deliver Secure Sandbox Capabilities and Comprehensive Threat Insights Designed to Eliminate Hidden Malware
Saturday, February 7, 2026
Embedded Google Threat Intelligence capabilities, …Read More »
Shield AI, Republic of Singapore Air Force, and Defence Science and Technology Agency Expand Partnership to Progressively Field Autonomy Capabilities
Thursday, February 5, 2026
SINGAPORE, Feb. 5, 2026 /PRNewswire/ …Read More »
ICAC Commissioner attends APEC anti-corruption meetings in Guangzhou to foster collaborations in the Asia Pacific region
Thursday, February 5, 2026
HONG KONG, Feb. 4, 2026 …Read More »
VIVOTEK Enhances VORTEX with Generative AI and Safety Detection
Tuesday, February 3, 2026
Expanding the cloud security ecosystem …Read More »
Fraud Syndicates Now Operate Like Businesses: VIDA Urges Malaysian CISOs to Rethink AI-Era Defense
Tuesday, February 3, 2026
KUALA LUMPUR, Malaysia, Feb. 2, …Read More »

Cybersecurity News in Asia

Featured

Where are financial fraud and AML regulations heading in S E Asia?

Featured

How AI is reshaping dating in Asia

Featured

Emerging third-party cyber risks via agentic AI