This week, AI chatbot Claude experienced an outage. Users reported being unable to access services via the Anthropic website, with the issue persistent for approximately a week. Similar outages have impacted various technology giants,
government websites, and even hospitals. What is driving this surge in service disruptions?

The primary vulnerability of today’s internet lies in its heavy reliance on cloud computing. This shift has resulted in numerous services depending on just a few key providers like Amazon and Microsoft. During the early days of the internet, businesses operated on their own infrastructure—akin to a self-sufficient local store. When an issue arose in one area, others remained unaffected, but now, if a cloud provider faces difficulties, the repercussions resonate across multiple platforms.

Frequently, user-access issues stem from simple human errors. One notable incident underscoring these risks was the 2024 outage caused by cybersecurity firm CrowdStrike, which inadvertently released software configuration files that rendered millions of Windows computers inoperative—affecting airlines, banks, and emergency service centers globally.

Joseph Jarneki from the Royal United Services Institute indicates that large-scale outages are typically not premeditated. Cybercriminals tend to focus on smaller targets instead of provoking major tech companies, preferring to extract ransom payments when preying on vital services.

Tim Stevens from King’s College London highlights that ransomware attacks are increasingly directed at local authorities and crucial infrastructure. Hackers tend to infiltrate essential services such as water supplies and municipal governments, where they can hold operations hostage for payment.

The UK has witnessed such incidents, including ransomware attacks on Hackney Council,
Gloucester City Council, and
Leicester City Council, along with similar challenges faced by the NHS and local water suppliers. Stevens notes an ongoing cat-and-mouse game between hackers and cybersecurity experts. Unfortunately, it appears hackers currently hold the upper hand. “In recent discussions, it’s been indicated that we’re losing ground. We’re not just behind; we’re actually losing,” Stevens confessed.

State-sponsored hackers from countries like Russia and China typically do not aim to disrupt cloud providers on a large scale. “While they do target these entities, their intentions are highly focused rather than destructive,” emphasizes Jarnecki.

For instance, the 2023 cyberattacks on U.S. government email accounts managed by Microsoft were attributed to a group linked to China. While this specific incident incurred minimal impact on overall services, it permitted unauthorized access to a wealth of sensitive U.S. information.

According to Sarah Krebs from Cornell University, cyberattacks are increasingly utilized in nations operating within a “gray zone”—a fluctuating state of unease that signifies neither full-scale peace nor active warfare. This tension often manifests as calculated disruptions aimed to weaken adversaries.

Krebs explains, “This approach acts similarly to economic sanctions; much of our GDP and overall economic stability hinges on the Internet. Disabling it critically impairs adversaries’ abilities to generate wealth, subsequently hindering their resource capabilities for warfare.”

Importantly, Krebs notes that Russia and China aren’t the sole practitioners of such tactics. Western nations, too, engage in cyber operations. Notably, intelligence agencies such as GCHQ and MI6 have previously compromised al-Qaeda computers, resulting in significant operational disruptions—these covert operations remain classified and occur behind the scenes.

Stevens mentioned, “It’s clear that Western intelligence and security agencies are conducting cyber operations against Russian assets. However, the legal frameworks often restrict the scope and intensity of these operations, which can be a source of frustration within the community.”

Claude has since resumed functioning, but Anthropic has yet to address inquiries from New Scientist regarding the recent outage effects.