In 2025, we noticed over 180 Web disruptions spurred by quite a lot of causes – some have been transient and partial, whereas others have been full outages lasting for days. Within the fourth quarter, we tracked solely a single government-directed Web shutdown, however a number of cable cuts wreaked havoc on connectivity in a number of nations. Energy outages and excessive climate disrupted Web companies in a number of locations, and the continuing battle in Ukraine impacted connectivity there as nicely. As at all times, numerous the disruptions we noticed have been as a consequence of technical issues – with some acknowledged by the related suppliers, whereas others had unknown causes. As well as, incidents at a number of hyperscaler cloud platforms and Cloudflare impacted the supply of internet sites and purposes.
This publish is meant as a abstract overview of noticed and confirmed disruptions and isn’t an exhaustive or full record of points which have occurred through the quarter. These anomalies are detected by way of important deviations from anticipated site visitors patterns noticed throughout our community. Try the Cloudflare Radar Outage Middle for a full record of verified anomalies and confirmed outages.
The Web was shut down in Tanzania on October 29 as violent protests came about through the nation’s presidential election. Site visitors initially fell round 12:30 native time (09:30 UTC), dropping greater than 90% decrease than the earlier week. The disruption lasted roughly 26 hours, with site visitors starting to return round 14:30 native time (11:30 UTC) on October 30. Nonetheless, that restoration proved to be fairly transient, with a big lower in site visitors occurring round 16:15 native time (13:15 UTC), roughly two hours after it returned. This second near-complete outage lasted till November 3, when site visitors aggressively returned after 17:00 native time (14:00 UTC). Nominal drops in introduced IPv4 and IPv6 handle area have been additionally noticed through the shutdown, however there was by no means a whole lack of bulletins, which might have signified a complete disconnection of the nation from the Web. (Autonomous programs announce IP handle area to different Web suppliers, letting them know what blocks of IP addresses they’re answerable for.)
Tanzania’s president later expressed sympathy for the members of the diplomatic group and foreigners residing within the nation relating to the affect of the Web shutdown. Web and social media companies have been additionally restricted in 2020 forward of the nation’s normal elections.
Digicel Haiti is sadly no stranger to Web disruptions attributable to cable cuts, and the community skilled two extra such incidents through the fourth quarter. On October 16, site visitors from Digicel Haiti (AS27653) started to fall at 14:30 native time (18:30 UTC), reaching close to zero at 16:00 native time (20:00 UTC). A translated X publish from the corporate’s Director Common famous: “We advise our clientele that @DigicelHT is experiencing 2 cuts on its worldwide fiber optic infrastructure.” Site visitors started to get well after 17:00 native time (21:00 UTC), and reached anticipated ranges inside the following hour. At 17:33 native time (21:34 UTC), the Director Common posted that “the primary fiber on the worldwide infrastructure has been repaired” and repair had been restored.
On November 25, one other translated X publish from the supplier’s Director Common said that its “worldwide optical fiber infrastructure on Nationwide Highway 1” had been minimize. We noticed site visitors dropping on Digicel’s community roughly an hour earlier, with a whole outage noticed between 02:00 – 08:00 native time (07:00 – 13:00 UTC). A follow-on X publish at 08:22 native time (13:22 UTC) said that each one companies had been restored.
Cybernet/StormFiber (Pakistan)
At 17:30 native time (12:30 UTC) on October 20, Web site visitors for Cybernet/StormFiber (AS9541) dropped sharply, falling to a stage roughly 50% the identical time every week prior. On the similar time, the community’s introduced IPv4 handle area dropped by over a 3rd. The reason for these shifts was harm to the PEACE submarine cable, which suffered a minimize within the Crimson Sea close to Sudan.
PEACE is considered one of a number of submarine cable programs (together with IMEWE and SEA-ME-WE-4) that carry worldwide Web site visitors for Pakistani suppliers. The supplier pledged to completely restore service by October 27, however site visitors and introduced IPv4 handle area had recovered to close anticipated ranges by round 02:00 native time on October 21 (21:00 UTC on October 20).
Camtel, MTN Cameroon, Orange Cameroun
Uncommon site visitors patterns noticed throughout a number of Web suppliers in Cameroon on October 23 have been reportedly attributable to issues on the WACS (West Africa Cable System) submarine cable, which connects nations alongside the west coast of Africa to Portugal.
A (translated) printed report said that MTN knowledgeable subscribers that “following an incident on the WACS fiber optic cable, Web service is briefly disrupted” and Orange Cameroun knowledgeable subscribers that “as a consequence of an incident on the worldwide entry fiber, Web service is disrupted.” An X publish from Camtel said “Cameroon Telecommunications (CAMTEL) needs to tell the general public {that a} technical incident involving WACS cable gear in Batoke (LIMBE) occurred within the early hours of 23 October 2025, inflicting Web connectivity disruptions all through the nation.”
Site visitors throughout the impacted suppliers initially fell simply at round 05:00 native time (04:00 UTC) earlier than recovering to anticipated ranges round 22:00 native time (21:00 UTC). Site visitors throughout these networks was fairly unstable through the day, dropping 90-99% at instances. It isn’t clear what precipitated the seen spikiness within the site visitors sample—probably makes an attempt to shift Web site visitors to different submarine cable programs that hook up with Cameroon. Introduced IP handle area from MTN Cameroon and Orange Cameroon dropped throughout this era as nicely, though Camtel’s introduced IP handle area didn’t change.
Connectivity within the Central African Republic and Republic of Congo was additionally reportedly impacted by the WACS points.
On December 9, we noticed site visitors from Claro Dominicana (AS6400), an Web supplier within the Dominican Republic, drop sharply round 12:15 native time (16:15 UTC). Site visitors ranges fell once more round 14:15 native time (18:15 UTC), bottoming out 77% decrease than the earlier week earlier than shortly returning to anticipated ranges. The connectivity disruption was doubtless attributable to two fiber optic outages, as an X publish from the supplier through the outage famous that they have been “inflicting intermittency and slowness in some companies.” A subsequent publish on X from Claro said that technicians had restored Web companies nationwide by repairing the severed fiber optic cables.
In accordance with a (translated) X publish from the Empresa de Transmisión Eléctrica Dominicana (ETED), a transmission line outage precipitated an interruption in electrical service within the Dominican Republic on November 11. This energy outage impacted Web site visitors from the nation, leading to a almost 50% drop in site visitors in comparison with the prior week, beginning at 13:15 native time (17:15 UTC). Site visitors ranges remained decrease till roughly 02:00 native time (06:00 UTC) on December 12, with a later (translated) X publish from ETED noting “At 2:20 a.m. now we have accomplished the restoration of the nationwide electrical system, supplying 96% of the demand…”
A subsequent technical report discovered that “the blackout started on the 138 kV San Pedro de Macorís I substation, the place a stay line was manually disconnected, triggering a high-intensity brief circuit. Safety programs responded instantly, however the fault precipitated a number of close by traces to disconnect, separating 575 MW of era within the japanese area from the remainder of the grid. The imbalance precipitated main energy crops to journey mechanically as a part of their built-in security mechanisms.”
On December 9, a main energy outage impacted a number of areas throughout Kenya. Kenya Energy defined that the outage “was triggered by an incident on the regional Kenya-Uganda interconnected energy community, which precipitated a disturbance on the Kenyan aspect of the system” and claimed that “[p]ower was restored to a lot of the affected areas inside roughly half-hour.” Nonetheless, impacts to Web connectivity lasted for almost 4 hours, between 19:15 – 23:00 native time (16:15 – 20:00 UTC). The ability outage precipitated site visitors to drop as a lot as 18% at a nationwide stage, with the site visitors shifts most seen in Nakuru County and Kaimbu County.
Russian drone strikes on the Odesa area in Ukraine on December 12 broken warehouses and vitality infrastructure, with the latter inflicting energy outages in components of the area. These outages disrupted Web connectivity, leading to site visitors dropping by as a lot as 57% as in comparison with the prior week. After the preliminary drop at midnight on December 13 (22:00 UTC on December 12), site visitors steadily recovered over the next a number of days, returning to anticipated ranges round 14:30 native time (12:30 UTC) on December 16.
Hurricane Melissa made landfall on Jamaica on October 28 and left a path of harm and destruction in its path. Related energy outages and infrastructure harm impacted Web connectivity, inflicting site visitors to initially drop by roughly half, beginning round 06:15 native time (11:15 UTC), in the end reaching as a lot as 70% decrease than the earlier week. Web site visitors from Jamaica remained nicely beneath pre-hurricane ranges for a number of days, and in the end began to make larger progress in the direction of anticipated ranges through the morning of November 4. It could usually take weeks or months for Web site visitors from a rustic to return to “regular” ranges following storms that trigger huge and widespread harm – whereas energy could also be largely restored inside a number of days, harm to bodily infrastructure takes considerably longer to handle.
On November 26, Cyclone Senyar precipitated catastrophic floods and landslides in Sri Lanka and Indonesia, killing over 1,000 folks and damaging telecommunications and energy infrastructure throughout these nations. The infrastructure harm resulted in disruptions to Web connectivity, and resultant decrease site visitors ranges, throughout a number of areas.
In Sri Lanka, areas outdoors the principle Western Province have been essentially the most affected, and several other provinces noticed site visitors drop between 80% and 95% as in comparison with the prior week, together with North Western, Southern, Uva, Jap, Northern, North Central, and Sabaragamuwa.
In Indonesia, Aceh and the Sumatra areas noticed the largest Web disruptions. In Aceh, site visitors initially dropped over 75% as in comparison with the earlier week. In Sumatra, North Sumatra was essentially the most affected, with an early 30% drop as in comparison with the earlier week, earlier than beginning to get well extra actively the next week.
Identified or unspecified technical issues
On October 3, subscribers to Indonesian Web supplier Smartfren (AS18004) skilled a service disruption. The problems have been acknowledged by the supplier in an X publish, which said (in translation), “At present, phone, SMS and knowledge companies are experiencing issues in a number of areas.” Site visitors from the supplier fell as a lot as 84%, beginning round 09:00 native time (02:00 UTC). The disruption lasted for about eight hours, as site visitors returned to anticipated ranges round 17:00 native time (10:00 UTC). Smartfren didn’t present any further data on what precipitated the service issues.
Main British Web supplier Vodafone UK (AS5378 & AS25135) skilled a quick service outage on October 23. At 15:00 native time (14:00 UTC), site visitors on each Vodafone ASNs dropped to zero. Introduced IPv4 handle area from AS5378 fell by 75%, whereas introduced IPv4 handle area from AS25135 disappeared completely. Each Web site visitors and handle area recovered two hours later, returning to anticipated ranges round 17:00 native time (16:00 UTC). Vodafone didn’t present any data on their social media channels about the reason for the outage, and their community standing checker web page was additionally unavailable through the outage.
In accordance with a printed report, a DNS decision problem disrupted Web companies for purchasers of Italian supplier Fastweb (AS12874) on October 22, inflicting noticed site visitors volumes to drop by over 75%. Fastweb acknowledged the problem, which impacted wired Web clients between 09:30 – 13:00 native time (08:30 – 12:00 UTC).
Though not an Web outage attributable to connectivity failure, the affect of DNS decision points on Web site visitors could be very comparable. When a supplier’s DNS resolver is experiencing issues, switching to a service like Cloudflare’s 1.1.1.1 public DNS resolver will usually restore connectivity.
SBIN, MTN Benin, Etisalat Benin
On December 7, a concurrent drop in site visitors was noticed throughout SBIN (AS28683), MTN Benin (AS37424), and Etisalat Benin (AS37136). Between 18:30 – 19:30 native time (17:30 – 18:30 UTC), site visitors dropped as a lot as 80% as in comparison with the prior week at a rustic stage, almost 100% at Etisalat and MTN, and over 80% at SBIN.
Whereas an tried coup had taken place earlier within the day, it’s unclear whether or not the noticed Web disruption was associated in any method. From a routing perspective, all three impacted networks share Cogent (AS174) as an upstream supplier, so a localized problem at Cogent could have contributed to the transient outage.
In accordance with a reported announcement from Israeli supplier Cellcom (AS1680), on December 18, there was “a malfunction affecting Web connectivity that’s impacting a few of our clients.” This malfunction dropped site visitors almost 70% as in comparison with the prior week, and occurred between 09:30 – 11:00 native time (07:30 – 09:00 UTC). The “malfunction” could have been a DNS failure, based on a printed report.
Accomplice Communications (Israel)
Closing out 2025, on December 30, a significant technical failure at Israeli supplier Accomplice Communications (AS12400) disrupted cell, TV, and Web companies throughout the nation. Web site visitors from Accomplice fell by two-thirds as in comparison with the earlier week between 14:00 – 15:00 native time (12:00 – 13:00 UTC). In the course of the outage, queries to Cloudflare’s 1.1.1.1 public DNS resolver spiked, suggesting that the issue could have been associated to Accomplice’s DNS infrastructure. Nonetheless, the supplier didn’t publicly affirm what precipitated the outage.
In the course of the fourth quarter, we launched a brand new Cloud Observatory web page on Radar that tracks availability and efficiency points at a area stage throughout hyperscaler cloud platforms, together with Amazon Net Companies, Microsoft Azure, Google Cloud Platform, and Oracle Cloud Infrastructure.
On October 20, the Amazon Net Companies us-east-1 area in Northern Virginia skilled “elevated error charges and latencies” that affected a number of companies inside the area. The problems impacted not solely clients with public-facing Web pages and purposes that depend on infrastructure inside the area, but in addition Cloudflare clients which have origin sources hosted in us-east-1.
We started to see the affect of the issues round 06:30 UTC, because the share of error (5xx-class) responses started to climb, reaching as excessive as 17% round 08:00 UTC. The variety of failures encountered when trying to hook up with origins in us-east-1 climbed as nicely, peaking round 12:00 UTC.
The affect is also clearly seen in key community efficiency metrics, which remained elevated all through the incident, returning to regular ranges simply earlier than the top of the incident, round 23:00 UTC. Each TCP and TLS handshake durations obtained progressively worse all through the incident—these metrics measure the period of time wanted for Cloudflare to determine TCP and TLS connections respectively with buyer origin servers in us-east-1. As well as, the period of time elapsed earlier than Cloudflare obtained response headers from the origin elevated considerably through the first a number of hours of the incident, earlier than steadily returning to anticipated ranges.
On October 29, Microsoft Azure skilled an incident impacting Azure Entrance Door, its content material supply community service. In accordance with Azure’s report on the incident, “A particular sequence of buyer configuration adjustments, carried out throughout two completely different management aircraft construct variations, resulted in incompatible buyer configuration metadata being generated. These buyer configuration adjustments themselves have been legitimate and non-malicious – nevertheless they produced metadata that, when deployed to edge website servers, uncovered a latent bug within the knowledge aircraft. This incompatibility triggered a crash throughout asynchronous processing inside the knowledge aircraft service.”
The incident report marked the beginning time at 15:41 UTC, though we noticed the amount of failed connection makes an attempt to Azure-hosted origins start to climb about 45 minutes prior. The TCP and TLS handshake metrics additionally turned extra unstable through the incident interval, with TCP handshakes taking on 50% longer at instances, and TLS handshakes taking almost 200% longer at peak. The impacted metrics started to enhance after 20:00 UTC, and based on Microsoft, the incident ended at 00:05 UTC on October 30.
Along with the outages mentioned above, Cloudflare additionally skilled two disruptions through the fourth quarter. Whereas these weren’t Web outages within the traditional sense, they did stop customers from accessing Web pages and purposes delivered and guarded by Cloudflare once they occurred.
The primary incident came about on November 18, and was attributable to a software program failure triggered by a change to considered one of our database programs’ permissions, which precipitated the database to output a number of entries right into a “characteristic file” utilized by our Bot Administration system. Extra particulars, together with a root trigger evaluation and timeline, will be discovered within the related weblog publish.
The second incident occurred on December 5, and impacted a subset of consumers, accounting for about 28% of all HTTP site visitors served by Cloudflare. It was triggered by adjustments being made to our request physique parsing logic whereas trying to detect and mitigate a newly disclosed industry-wide React Server Parts vulnerability. A autopsy weblog publish comprises further particulars, together with a root trigger evaluation and timeline.
For extra details about the work underway at Cloudflare to stop outages like these from occurring once more, take a look at our weblog publish detailing “Code Orange: Fail Small.”
The disruptions noticed within the fourth quarter underscore the significance of real-time knowledge in sustaining international connectivity. Whether or not it’s a government-ordered shutdown or a minor technical problem, transparency permits the technical group to reply quicker and extra successfully. We’ll proceed to trace these shifts on Cloudflare Radar, offering the insights wanted to navigate the complexities of contemporary networking. We share our observations on the Cloudflare Radar Outage Middle, by way of social media, and in posts on weblog.cloudflare.com. Observe us on social media at @CloudflareRadar (X), noc.social/@cloudflareradar (Mastodon), and radar.cloudflare.com (Bluesky), or contact us by way of electronic mail.
As a reminder, whereas these weblog posts characteristic graphs from Radar and the Radar Information Explorer, the underlying knowledge is on the market from our API. You should utilize the API to retrieve knowledge to do your individual native monitoring or evaluation, or you should use the Radar MCP server to include Radar knowledge into your AI instruments.
