For what felt like forever on Monday, Oct. 21, the internet’s pulse flatlined. 

Food-delivery apps froze, Fortnite gamers got booted mid-battle, and Venmo payments disappeared mid-transfer. Most would have guessed a massive cyberattack or hack, but it turned out to be something far more ordinary and perhaps more alarming: a bad day inside Amazon Web Services.

The glitch started in AWS’s US-EAST-1 regionin Northern Virginia, where a subsystem fault monitoring network load balancers spiraled into a massive outage.

The result was global chaos across thousands of platforms, from Snapchat and Reddit to Zoom, Coinbase, and even government services.

Downdetector reports millions of problem reports came in at the peak, with analysts pegging the number of affected businesses at more than 1,000. However, investors largely shrugged it off, with Amazon stock ending higher as service slowly returned.

It’s important to note that AWS is essentially the quiet engine keeping the digital world afloat.

With a 30% market share in cloud infrastructure, it races ahead of its competition in Microsoft Azure and Google Cloud, anchoring a $100 billion-a-quarter industry. For more color, AWS generated a whopping$10.2 billion in operating income in the previous quarter, with more than 50% of Amazon’s total $19.2 billion.

In making sense of all the hullabaloo, cybersecurity expert David Kennedy just dropped a curt and pertinent take on the AWS outage.

Kennedy is the founder ofTrustedSec and a career offensive-security operator who has led red-team hunts for Fortune 500s along with several public agencies. Additionally, he’s a former Marine and co-founded Binary Defense, developing widely used open-source pen-testing tools while helping to organize major industry conferences. 

TrustedSec founder David Kennedy says the AWS outage highlights hidden fragilities in the cloud’s backbone.

Photo by Sean Gallup on Getty Images

David Kennedy says AWS outage exposes cloud’s hidden weak link

AWS blinked this week, and much of the internet bore the brunt of it. 

From crypto exchanges to banks, entire operations went quiet, and that’s exactly what TrustedSec founder David Kennedy says is a wake-up call for every business that’s betting big on the cloud.

“This wasn’t a hack,” Kennedy told CNBC’s The Exchange. “But it shows how fragile our infrastructure is.” He further went on to say that something as simplistic as “a small DNS change” could ripple across critical systems.

More Tech Stocks:

• Musk’s Netflix boycott could actually hurt the streamer
• OpenAI’s deal with AMD proves AI race has just begun
• Goldman Sachs tweaks Nvidia’s stock price target with a twist
• The stock market laughed, then Palantir redefined the fight

Kennedy noted that AWS has had multiple outages in the past as well, and warned that redundancy remains the weak point. 

“Hopefully Amazon’s looking at this and saying, can we roll over to another data center so we don’t see these massive outages?”

Beyond Amazon, Kennedy feels the core of the problem stretches across the tech ecosystem. “Everything from Coinbase to government installations went down,” he said. “When one data center fails, it cascades.”

Related: Bank of America resets inflation prediction ahead of CPI

He also sounded the alarm on the growing convergence of IT and operational technology, including everything from utilities to financial systems, as a potential flashpoint. 

In his view, roughly 85% of critical infrastructure is privately owned, and much of it is running on legacy systems that need redundancy baked in from the get-go.

Quick takeaways:

• Not a hack,  but a warning: Kennedy feels the outage exposed the cracks in core cloud infrastructure.
• Redundancy gap: Hyperscale systems currently lack robust failover protection, he warns.
• Critical risk: With 85% of U.S. infrastructure privately owned, legacy systems remain a key risk area.

Biggest AWS outages over the past 5 years

This wasn’t the first AWS disruption, and the list below, covering the biggest ones in the past five years, is proof that even the world’s most reliable cloud has vulnerabilities.

Oct. 20, 2025: US-EAST-1 (global ripple)

The hack lasted for roughly 15 hours, linked to an internal fault tied to network load balancers in AWS’s largest region, which froze services such as Snapchat, Reddit, Venmo, Alexa, and Fortnite. 

June 13, 2023: US-EAST-1

A capacity-management subsystem error knocked out over 100 AWS services, including ones like Lambda and API Gateway. The two-hour disruption led to broad app timeouts across customer workloads.

Dec. 7, 2021: US-EAST-1

Control-plane network device issues led to major slowdowns in arguably AWS’s busiest zone, which impacted streaming, e-commerce, and collaboration platforms.

Dec. 15, 2021: US-WEST-1/2

A critical network traffic engineering hiccup led to a relatively brief but comprehensive global breakdown impacting services such as Twitch, Netflix, and Slack.

Nov. 25, 2020: US-EAST-1

An Amazon Kinesis meltdown resulted in all-day disruptions ripping across third-party apps and financial websites.

Related: Veteran Tesla analyst drops urgent take ahead of earnings