Services including ChatGPT, the social media platform X (formerly Twitter), the gaming service League of Legends, and even firms like Amazon and Spotify were suddenly rendered inaccessible for a significant period. 

I can confirm the immediate disruption was linked to Cloudflare’s core network.

The root cause of the crippling global disruption has been traced back to a seemingly routine operation. Cloudflare disclosed that a misconfiguration occurred during scheduled maintenance at its Santiago (SCL) data centre. 

This maintenance was planned for a three-hour window between 12:00 and 15:00 UTC today. Instead of a smooth update, the error triggered a dangerous cascade of failures that propagated across Cloudflare’s entire worldwide network, the digital backbone that thousands of websites rely on for performance and security.

Users across the globe were immediately confronted with widespread HTTP 500 errors, system failures on Cloudflare’s own Dashboard, and non-functional APIs. For many, this meant complete inaccessibility of their chosen services for over an hour.

To contain the uncontrolled spread of the outage issue and attempt remediation, Cloudflare was forced to temporarily deactivate certain services for users in the United Kingdom. 

Specifically, the company issued a notice stating: “During our attempts to remediate, we have disabled WARP access in London. Users in London trying to access the Internet via WARP will see a failure to connect.”

Cloudflare’s WARP is a zero-trust access tool, part of the company’s initiative to provide content delivery network (CDN) services and protection against attacks like DDoS. I believe this temporary shutdown was a last-ditch effort to stabilise their core network functions.

By 8:15 a.m. UTC, the company reported initial success in its recovery operations. Importantly, it confirmed that they had reinstated services for UK users, stating: “We have re-enabled WARP access in London.”

The company also noted that error levels for their Access and WARP services had “returned to pre-incident rates.” While this shows a partial return to normal, the company is still investigating the full extent and complete root cause of the internal service degradation.

The company’s Digital Crimes Unit (DCU), armed with a U.S. court order, seized 338 domains that cybercriminals used to impersonate Microsoft and trick unsuspecting users into entering their credentials. 

The operation, led by Nigeria-based developer Joshua Ogundipe, relied on Telegram to sell phishing kits to more than 850 subscribers.

According to Microsoft, the service has been used to steal at least 5,000 login details across 94 countries since it launched in July 2024. The group reportedly earned over $100,000 in cryptocurrency payments from customers who used its kits to run phishing campaigns.

Steven Masada, assistant general counsel at Microsoft’s DCU, warned about the simplicity, and the danger, of such services. “Cybercriminals don’t need to be sophisticated to cause widespread harm. Simple tools like Raccoon0365 make cybercrime accessible to virtually anyone, putting millions of users at risk.”

Investigators said Raccoon0365 targeted a wide range of industries, including financial institutions and healthcare providers. One campaign, themed around U.S. tax filings, attempted to compromise more than 2,300 organisations in just two weeks earlier this year. 

Microsoft’s partner in the lawsuit, the Health Information Sharing & Analysis Centre (Health-ISAC), confirmed that at least five healthcare organisations had already fallen victim.

Errol Weiss, chief security officer at Health-ISAC, explained that: “So many of the attacks start because somebody gave up their user name and password to a bad guy. Once that cybercriminal has access to the network, then it’s just up to the imagination in terms of what comes next and how they monetise it.”

Cloudflare, which had unknowingly hosted some of the operators’ infrastructure, worked with Microsoft and the U.S. Secret Service to shut down the phishing network. 

The internet security company said the attackers were skilled but left operational security lapses that exposed their identities. Blake Darché, Cloudflare’s head of threat intelligence, stated: “They’re in people’s accounts, they compromise lots of people, and it needs to obviously be stopped.”

Court filings show that Ogundipe and his associates played specific roles including coding the phishing tools, managing subscriptions, and offering customer support to fellow cybercriminals. 

Investigators were able to tie him to the network after he mistakenly exposed a cryptocurrency wallet connected to the scheme. A criminal referral has been sent to international law enforcement.

The case highlights a disturbing evolution of phishing-as-a-service. Raccoon0365 recently introduced AI-MailCheck, an artificial intelligence feature designed to scale phishing operations further. Security researchers warn that this could make phishing attempts harder to detect and more damaging.

Check Point Research has noted that Microsoft is the most imitated brand in phishing attacks globally, accounting for 25% of attempts between April and June 2025; the rapid spread of networks like Raccoon0365 is a huge factor in this surge.

For Microsoft, the seizure is only one step. The company said more enforcement actions are expected as it works with global partners to dismantle the wider criminal ecosystem feeding off its brand identity.

As of July 2025, the internet infrastructure giant now blocks all AI crawlers by default unless they’ve either paid for access or received explicit permission from the content owner.

The company’s new product, Pay Per Crawl, lets publishers charge AI firms a fee every time they crawl their content. If a crawler doesn’t pay, it gets hit with a “402 Payment Required” response, a rarely used HTTP status code that could become the foundation of a new internet revenue model.

Cloudflare powers nearly 20% of the internet. This shift, if widely adopted, could cut off AI companies from training on a vast portion of the web, unless they pay.

Major publishers, including Condé Nast, TIME, BuzzFeed, The Atlantic, Gannett, and others such as Reddit, Pinterest, and Stack Overflow, have already signed on. 

Many of them have seen advertising and referral traffic dwindle in recent years as AI-generated summaries and chatbot answers have increasingly replaced the need to click through to the original source.

“This is just the beginning of a new model for the internet,” said Stephanie Cohen, Cloudflare’s Chief Strategy Officer. “The change in traffic patterns has been rapid, and something needed to change.”

That change is reflected in the data. According to Cloudflare, Google’s crawl-to-click ratio has collapsed from 6:1 to 18:1 in the last six months, suggesting users are increasingly finding what they need directly within the search results, especially via AI Overviews. OpenAI’s ratio is far more extreme at 1,500:1.

Historically, search engines indexed the web with the tacit understanding that referrals would follow, generating value for content creators. But AI firms have upended that agreement, lifting vast amounts of content to train their models and offer summarised responses, all while bypassing the original creators entirely.

Some firms go further by ignoring established web standards like robots.txt, which is intended to block unauthorised scraping. Despite publishers’ attempts to draw boundaries, many AI companies insist they haven’t broken any laws.

The legal pushback has already begun. The New York Times sued OpenAI and Microsoft in late 2023 for copyright infringement. Reddit recently took legal action against Anthropic for allegedly harvesting user comments without permission, even though scraping was explicitly prohibited via robots.txt. BBC and Ziff Davis have filed similar lawsuits.

This escalating issue is happening in parallel with massive drops in web engagement. In the U.S., 60% of searches now end without a single click, and click-through rates have plunged by 30% between 2024 and 2025. 

Publishers are being squeezed at both ends, their traffic is drying up, and their content is being repurposed without compensation.

Cloudflare’s CEO Matthew Prince framed the initiative as both a defensive and visionary move: “This is about safeguarding the future of a free and vibrant internet.” He pointed at a long-term plan to create a transparent and open marketplace for content access, where AI firms would be required to negotiate fair rates for crawling and training.

For now, Pay Per Crawl is available as a private beta. Cloudflare handles both authentication and payments, serving as the intermediary between web publishers and AI companies.

With a focus on security, scalability, and efficiency, DMI significantly reduces time to market for tech startups, small and midsize businesses, and enterprises, enabling them to concentrate on developing robust customer-centric applications to fuel their growth.

Launched in 2018, Deimos is at the forefront of scaling cloud solution technology for companies throughout Africa, including CBN, Kuda Bank, and Mukuru, propelling them toward digital transformation and success.

The launch of DMI, an automated solution, was built on decades of experience streamlining complex systems, tackling recurring product/system failures and the challenges of large-scale hybrid infrastructure.

The new innovative platform will reduce recovery times to less than 30 minutes compared to traditional solutions, ensuring enhanced resilience and efficiency for businesses.

With an onboarding process that requires no downtime during migration, tech startups and other businesses are able to maximise their cloud investments and stay competitive in an ever-evolving digital world.

The platform enters the booming Infrastructure-as-a-Service (IaaS) market, which is projected to grow to an estimated $481.8 billion by 2030, according to recent Allied Market Research, Fortune Business Insights.

Companies are rapidly adopting IaaS to avoid the purchasing of expensive new equipment, installing and implementation as well as building a team to use it.

IaaS helps where swift deployment and scalability are critical, a necessary hurdle for tech companies and digitised traditional banks.

DMI is designed to be a strategic partner allowing businesses to concentrate on their core activities without worrying about the intricacies of technology management.

DMI addresses critical pain points, offering a number of solutions to challenges:

Time to market: Accelerate infrastructure deployment reducing time from 12 months to under 3 months for swift market entry.

High availability: Ensure uninterrupted operations with redundancy, load-balanced deployment, and auto-scale groups.

Observability: Provides insights into system health with an observability platform, offering visual metrics for informed decision-making.

Financial operation: Optimises cloud costs in real-time, aligning resource use with business objectives.

Rapid recovery: Offering a quick recovery within 30 minutes of a catastrophic incident.

Security: Prioritises security without compromise, adopting and benchmarking against industry standards.

David Roos, Director of SRE at Deimos, stated;

“Deimos has collaborated with various companies for the past five years, tackling crucial infrastructure challenges. Our Managed Infrastructure Solution is crafted to evolve in accordance with industry best practices, offering businesses a flexible and state-of-the-art solution. DMI comprehensively addresses all facets of a well-architected cloud environment, ensuring our clients possess a sturdy foundation for their applications. We prioritise security, adhering to industry standards and benchmarks, showcasing the readiness of our product for the market.”

Deimos is cloud agnostic, ensuring clients receive the right solution for their unique environment, with partnerships that span Google, AWS, Azure, JumpCloud, GitLab, Cloudflare, and more.

This double honor from Cloudflare reiterates Liquid C2’s commitment to skill growth, sales contribution, and bringing the best-in-class solutions to customers on the African continent.

David Behr, CEO of Liquid C2, commented on this recognition, “The partnership with Cloudflare has been a tremendous success for our customers as we can deliver more customized cyber security solutions, improve customer service, and create long-term relationships with customers.

This award emphasizes the power of collaboration between Cloudflare and Liquid C2 as we help our customers safeguard their operations and continue their digital transformation journeys”.

In the last year, the collaboration between Liquid C2 and Cloudflare has helped enterprises and SMEs understand the importance of investing in cybersecurity solutions considering the ever-growing threat landscape. This award is a competitive, worldwide recognition of excellence among cyber security partners and is a testament to the work undertaken to deliver people-centric, secure workplaces.

Despite being a relatively young player in the cybersecurity industry, Liquid C2 has demonstrated a deep understanding of the requirements of its African customers. The organization was the first African company to launch a matrix of Cyber Security Fusion Centres in Africa.

Through its strategic partnerships with international players like Microsoft, Oracle, and AWS, Liquid C2 understands how to create cloud solutions that deliver our customers’ every business need.

“Liquid C2 team is proud of this recognition as the 2022 Partner of the Year Award, and it will help us to continue our vision of a digitally connected future that leaves no African behind.” Our cyber security experts are here to give your business the robust protection it needs. “Whatever your business challenge is, we’ll C2 it,” Behr concluded.