Australia is particularly reliant on AWS. The federal government inked a three-year whole-of-government deal in January 2025, giving federal, state and local agencies streamlined access to AWS services. The government has committed $2 billion over the next decade for AWS to build a “Top Secret Cloud” to host the nation’s most sensitive defence and intelligence data.
Anthony Albanese at a press conference during the prime minister’s June visit to the Amazon Spheres in Seattle.Credit: Alex Ellinghausen
More than 140 Commonwealth, state and territory agencies already rely on AWS for critical services in transport, health, education and tax collection.
The root cause of this week’s issue hasn’t yet been identified, though it appears tied to a DNS (Domain Name System) failure within AWS’s US-EAST-1 region, in Virginia.
To put it simply, the digital phone book for much of the cloud was broken, and when AWS stumbles, anything or anyone relying on its services stumbles too.
This isn’t a new story. AWS experienced similar outages in 2023 and 2021, when a five-hour disruption prevented customers from accessing airline reservations and payment apps. And just 15 months ago, the CrowdStrike disaster showed us what happens when critical infrastructure software fails at scale.
Loading
The July 2024 CrowdStrike incident was different in nature, but similar in its sheer impact. CrowdStrike makes cybersecurity software that runs on individual computers and servers to protect them from hackers.
A faulty update caused roughly 8.5 million Windows systems to crash simultaneously, triggering an estimated $US10 billion ($15.3 billion) in global damage. Airlines grounded thousands of flights. Hospitals scrambled to access patient records. Supermarkets effectively shut down and emergency services went dark.
The two incidents share a troubling pattern: single points of failure causing cascading global chaos.
But there’s a crucial difference. CrowdStrike affected individual machines that required technicians to manually fix them one by one. Monday’s AWS outage hit centralised infrastructure – the very foundation upon which modern digital services are built.
Checkouts at Coles in New Farm were offline after the CrowdStrike outage of July 19, 2024.Credit: Cameron Atfield
The outage underscores the critical role AWS plays in the functioning of the entire internet. And for one provider to have so much influence is a problem when something goes wrong, far beyond just inconveniences for businesses or customers.
“When a single provider goes dark, critical services go offline with it,” advocacy organisation Article 19 warns. “Media outlets become inaccessible, secure communication apps stop functioning, and the infrastructure that serves our digital society crumbles.”
They have a point. This isn’t just about missing a few hours on social media or not being able to respond to your Tinder match. It’s about systemic fragility in critical infrastructure that increasingly underpins finance, healthcare and ultimately democracy.
To be fair, cloud computing has brought real benefits, and has been one of the most transformative technologies over the last decade, alongside AI.
It’s made technology cheaper and more accessible, allowing start-ups to compete without buying expensive servers. It’s enabled services to scale rapidly to meet demand. And companies like AWS do invest heavily in redundancy – back-up systems designed to kick in when something fails. They just don’t always work.
So, what should we do differently?
First, regulators and governments must treat cloud infrastructure like the critical public utility it has become.
The internet is too important not to. We don’t allow one company to control 30 per cent of electricity generation for good reason and the same logic should apply to the digital infrastructure that powers modern life. This doesn’t mean breaking up tech companies, necessarily, but it does mean greater oversight, standards and accountability.
Second, governments need to mandate genuine redundancy. And not just within a single provider’s ecosystem, but across different providers. If your back-up generator runs on the same power grid as your main system, it’s not really a back-up.
Loading
Third, we need transparency. When AWS goes down, the public deserves to know immediately what failed, why, what’s at risk, and when full service will return. AWS did provide regular updates overnight, but the current system is inadequate for infrastructure this critical.
None of this is straightforward or easy, but the status quo isn’t working either.
The internet has become too important to be this fragile, and too important to be held hostage by any single company.
Monday’s outage, following last year’s CrowdStrike disaster, should be the wake-up call that finally spurs serious debate. We can’t accept a world in which a typo, a faulty update or a software bug at one company can paralyse the digital economy. We owe the internet, and ourselves, much more.
The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.