The internet just broke again. Should we actually be worried?

The problems are yet another illustration of a concern that has been plaguing the internet for years: that it is overly fragile. Each outage at web infrastructure providers helps show that what appears to be a vast and resilient system is in fact both centralised and brittle.

Companies such as Cloudflare offer usually invisible services that ensure that websites are able to stay up even if they are visited by an unexpectedly large number of visitors, either from a rush of real people or bots conducting an attack. Today’s web relies heavily on a limited number of companies – Google and Amazon, as well as Cloudflare – to offer this kind of technical support.

The small number of big web infrastructure companies of this kind offers benefits, such as economies of scale that mean that even small websites can get substantial protection. But they also represent a significant weakness in the internet.

Cloudflare itself appeared to recognise those complaints when it posted an update about the outage, after it was resolved on Friday. “Any outage of our systems is unacceptable, and we know we have let the Internet down again,” wrote its chief technology officer, Dane Knecht.

“The issue was not caused, directly or indirectly, by a cyber attack on Cloudflare’s systems or malicious activity of any kind,” Mr Knecht wrote. He explained that it was instead the result of a badly implemented update that actually aimed to fix another vulnerability.

In some ways, the nature of the outage might show that some of those concerns about centralisation and the fragility of the web are now being heeded. Many of the most notable sites that went down last time around – from ChatGPT to X, formerly known as Twitter – stayed up through the latest problems, perhaps suggesting that lessons had been learnt from that outage.

Cloudflare itself has also been making changes to its systems in an attempt to avoid such large scale outages. It said that in the wake of its last update it was working to “make changes to prevent single updates from causing widespread impact like this” – but that they were yet to roll out.

What’s more, Cloudflare’s transparency in both the November and December outages means that people can know exactly what went wrong, should they want to. Much of the technology powering the web today is built by companies that are resistant to explaining what they have done, which is made possible by the fact that they have such power that they don’t necessarily need to.

But even amid those comforting thoughts, experts warned that the dangers of the relatively centralised nature of today’s internet were only becoming more clear.

“The Cloudflare outage is yet another reminder of how dependent major systems are on just a few cloud infrastructures across the world,” said Feng Li, associate dean for research & innovation at Bayes Business School.

“This latest episode, coupled with October’s AWS outage and the disruption that caused, should serve as yet another wake-up call for cloud providers to strengthen regional isolation, ensure critical control planes can fail safely, and maintain communicational transparency with users during such incidents. This last point is critical because confidence in the provider often depends as much on timely, clear updates as on the speed of recovery itself.

“For far too long now, people have used cloud services as a single point of reliability rather than accepting shared responsibility. With such dire consequences globally, multi-region or multi-cloud architecture must be implemented as a rapid failover. Incident response and customer communication plans should assume provider outages are a matter of when and not if.

“Cloudflare will inevitably be the subject of user frustration and business disruption. However, the longer-term erosion of confidence in cloud infrastructure and the broader digital ecosystem is far bigger problem.

“This latest outage continues to beg the question of what happens when a digital infrastructure collapse in one part of the world can have such globally significant consequences? It is a question that regulators, enterprises, and researchers alike need to confront.”

The problems themselves are unlikely to stop, experts warned. As such, those running such important situations should ensure they are better placed to respond to them.

“2025 has been full of cloud computing related bellwether events, be they environmental; geo-political; or technological,” said Andrew Joint, technology partner at Simmons & Simmons. “These have all repeatedly signalled the challenges and risks in the current structure of our global cloud environments.

“Today’s outage is another reminder that understanding your technology infrastructure and dependencies, and either mitigating or accepting areas of risk in ‘single points of failure’, is vital. As we head into 2026, there is little indication that the fundamental causes of the issues that arose in 2025 are likely to change, so your technology and operational approaches must, or you risk the same results – service outages, business impact, and the unhappy customers and regulators that typically follow.”