GOOD MORNING.
Today's massive outages nicely illustrate which of your favorite internet things are secretly Amazon-dependent.
Specifically on US-EAST-1 Region, which woke up with Main Character Syndrome.
Result? Massive outages.
Sure, Amazon has regions.
But US-EAST-1 is the legacy/default for a pile of services...and other Global Amazon services also depended on it.
So when there was trouble...it was quickly everywhere.
Hyperscalers rule *almost* everything around us. And this is absolutely bad news for all sorts of resiliency.
Amazon sez: root cause = DNS resolution with DynamoDB... which a ton depends on.
They say they are mostly mitigated & have a pile of backlog to clear.
But this is a great moment to think about just how many eggs that matter are in one basket...
https://health.aws.amazon.com/health/status
But US-EAST-1 is the legacy/default for a pile of services...and other Global Amazon services also depended on it.
So when there was trouble...it was quickly everywhere.
Hyperscalers rule *almost* everything around us. And this is absolutely bad news for all sorts of resiliency.
Amazon sez: root cause = DNS resolution with DynamoDB... which a ton depends on.
They say they are mostly mitigated & have a pile of backlog to clear.
But this is a great moment to think about just how many eggs that matter are in one basket...
https://health.aws.amazon.com/health/status
It only cost $1.37 USD in gas fees per malware change (e.g. to update the command & control server)
Blockchains as malware dead drops are a fascinating, predictable evolution for nation state attackers.
And Blockchain explorers are a natural target.
Nearly impossible to remove.
Experimentation with putting malware on blockchains is in infancy.
Ultimately there will be some efforts to try and implement social engineering protection around this, but combined with things like agentic AI & vibe coding by low-information people...whew boy this gold seam is going to be productive for a long time.
Still, where here they used social engineering, I expect attackers to also experiment with directly loading zero click exploits onto blockchains targeting things like blockchain explorers & other systems that process blockchains... especially if they are sometimes hosted on the same systems & networks that handle transactions / have wallets.
REPORT: 
Proponents say age verification = showing your ID at the door to a bar.
But the analogy is often wrong.
It's more like: bouncer photocopies some IDs, & keeps them in a shed around back.
There will be more breaches.
But it should bother you that the technology promised to make us all safer, is quickly making us less so.
STORIES:
