Subject: AWS Global Outage,

Date: October 20, 2025

Classification: Public (TLP:CLEAR)

Sources: AWS Status Page, Reuters, AP, CISA, Datacenter Knowledge

About WRAVEN

WRAVEN (Western Research Advisory for Vulnerabilities, Exploits & Networks) is a student-run cybersecurity research group at Western Michigan University. Our researchers and analysts track active threats, study how adversaries operate, and publish intelligence that is both accessible to the public and useful for professionals. We aim to contribute to the broader security community by making complex government advisories digestible, highlighting what defenders should care about, and pushing fresh data into our public dashboards.

Overview,

At approximately 14:10 UTC on October 20 2025, Amazon Web Services (AWS) began experiencing a major global outage affecting multiple regions, primarily us-east-1 and us-west-2. The disruption impacted a wide range of downstream platforms, including Snapchat, Ring, Starbucks, Slack, and several enterprise infrastructure services. AWS engineers attributed the root cause to a routing fault within a core network subsystem that triggered cascading latency across compute and identity layers. The event lasted roughly four hours before partial restoration began.

Impact Summary,

• Scope: Global; highest concentration in North America and Europe.,

• Services Affected: EC2, IAM, S3, CloudFront, Route 53.,

• Observed Effects: Service timeouts, authentication failures, DNS propagation errors, stalled workloads, and degraded APIs.,

• Downstream Impact: Consumer IoT devices, SaaS platforms, and enterprise dashboards dependent on AWS global endpoints.,

Technical Detail,

The initial network fault in Elastic Load Balancing and internal DNS resolution produced a chain reaction in identity and session validation services (IAM and STS). As tokens failed to refresh, dependent services timed out or dropped requests, leading to global login and data-retrieval failures. Fail-over regions inherited corrupted cache states, extending the outage across redundant zones.

WRAVEN Analysis,

This event highlights persistent systemic risks in hyperscale dependency. While AWS’s regional design is intended to isolate failures, service inter-dependencies, particularly around identity and control-plane functions, continue to bridge those boundaries. Resilience testing at the application level remains inconsistent across organizations. Many downstream operators discovered that multi-region fail-over was logically configured but functionally ineffective due to shared IAM or DNS dependencies.

Outlook,

AWS has stated that remediation of network routing and control-plane dependencies is underway, with a full post-incident report expected within 30 days. WRAVEN will review the AWS disclosure once available and publish follow-up analysis.

WRAVEN Monitoring global infrastructure, communications, and threat resilience.

Contact: [email protected]

TLP:CLEAR — Share with attribution.