Q1 2025 Report Reveals Global Internet Disruptions and Resilience

Article Highlights
Off On

In the first quarter of 2025, Cloudflare’s detailed report highlights a series of significant disruptions globally affecting Internet connectivity, utilizing their extensive network that spans over 330 cities across more than 125 countries. This comprehensive analysis reveals diverse causes for these disruptions, including natural disasters, infrastructure sabotage, cyberattacks, power failures, climate events, and technical glitches. Notably, the absence of government-directed Internet shutdowns this quarter marked a significant deviation from previous trends observed by Cloudflare.

Natural Disasters and Climate Events

One of the most impactful natural disasters documented in this report was the 7.7 magnitude earthquake in Myanmar on 28 March. This catastrophic event wreaked havoc on the country’s Internet infrastructure, causing a dramatic drop in Internet traffic by up to 97% in some regions, coupled with widespread power outages and fuel shortages. Although Myanmar demonstrated a rapid partial recovery at the national level, inconsistencies in network-level recovery were evident. Providers such as MCCL and Oceanwave continued to experience disruptions nearly two weeks post-event, with lingering traffic issues persisting at the end of the quarter. Climate events further exacerbated Internet disruptions, as seen with Cyclone Garance and Storm Éowyn. Cyclone Garance hit the island of Réunion hard, causing outages and significant infrastructure damage. Meanwhile, Storm Éowyn, which impacted Ireland on 24 January, led to a substantial reduction in Internet traffic within the Connacht and Ulster provinces, seeing declines up to 75%. These incidents underscore the vulnerability of Internet connectivity to severe weather conditions and the need for robust infrastructure to mitigate such risks effectively.

Infrastructure Sabotage

Syria experienced significant disruptions due to deliberate acts of sabotage targeting physical infrastructure. The first major outage occurred on 23-24 January when fiber optic cables along the Damascus-Homs highway were damaged. This incident resulted in HTTP and DNS traffic plummeting to near zero and approximately 90% of the nation’s IPv4 address space becoming unreachable. A second, similar outage on 25 March caused by cable damage in the Maaloula and Hasiya regions led to near-total national Internet outages. The Ministry of Communications confirmed the sabotage incidents, highlighting the critical vulnerability of physical infrastructure to deliberate attacks.

Regional Interdependencies

Regional interdependencies in South Asia played a significant role in Internet disruptions during the first quarter. A notable incident occurred in early February when Nepalese providers were heavily impacted by an outage at the Indian provider Bharti Airtel. The outage’s attribution remains debated, with sources citing either an ongoing payment dispute or fiber cuts. The dependencies between providers in the region resulted in widespread service disruptions in Nepal. Additionally, Pakistan experienced connectivity issues when a fault in the AAE-1 submarine cable near Qatar degraded Internet quality significantly. The median latency spiked to about 125 ms from a pre-disruption median of approximately 80 ms. Despite the impact, Pakistan managed to avoid extensive outages owing to its network of seven submarine cables.

Power Failures

Power failures were another prominent cause of Internet disruptions across several countries. On 6 January, an electrical interruption in Angola led to a loss of connectivity across eleven provinces. Chile faced a significant power failure on 25 February, temporarily affecting 98.5% of the nation’s Internet connectivity. In Panama, an explosion at the La Chorrera Thermoelectric Power Plant resulted in substantial outages, though the electric system achieved 75% recovery by 03:00 local time and full restoration by 06:08 local time. A unique and somewhat unusual incident occurred in Sri Lanka on 9 February when a monkey caused a power outage at the Pandura electrical substation, leading to a nationwide multi-hour Internet disruption. Major provider Dialog experienced a significant drop in traffic as a result.

Cyberattacks

Cyberattacks played a significant role in regional connectivity issues. One notable incident involved Ukrainian cyber actors targeting the Russian provider Nodex on 7 January. This cyberattack caused significant downtime, with network traffic remaining nearly non-existent until around 14:00 local time the following day. The Ukrainian Cyber Alliance claimed responsibility for the attack, underscoring the ongoing digital conflict and its potential to disrupt Internet services extensively. This incident highlights the growing prominence of cyber threats and their ability to impact regional connectivity profoundly.

Technical Glitches and Other Incidents

Technical glitches also contributed to Internet disruptions in various countries. On 14 January, multiple Russian networks including MTS, Rostelecom, and Beeline experienced an 80% drop in Internet traffic due to connectivity issues. Fortunately, these issues were swiftly resolved by Roskomnadzor, minimizing the duration of the disruptions. In France, Bouygues Telecom reported a brief outage in March due to a technical incident that occurred between 5 a.m. and 7 a.m., further illustrating the vulnerability of Internet infrastructure to technical faults.

Another significant cause of Internet interruptions documented in the report was fires. In Haiti, two periods of complete Internet outage for Digicel’s customers occurred in January, attributed to fires that damaged international fiber optic cables in the metropolitan area. These incidents highlight the diversity of risks that can impact Internet connectivity and the importance of ensuring resilient infrastructure to navigate such challenges.

Trends and Insights

In the first quarter of 2025, Cloudflare’s detailed report sheds light on a series of significant disruptions impacting global Internet connectivity. Leveraging their extensive network spanning over 330 cities in more than 125 countries, Cloudflare provides in-depth analysis of these disturbances. The report identifies various causes, including natural disasters, infrastructure sabotage, cyberattacks, power failures, climate events, and technical glitches. One key finding of the report is the notable absence of government-led Internet shutdowns this quarter, which represents a significant shift from previous trends frequently monitored by Cloudflare in past years. This deviation is particularly important given the historical context and provides insights into evolving government actions regarding Internet governance. Cloudflare’s comprehensive investigation underscores the complexity and multitude of factors contributing to Internet stability issues, highlighting the need for continued vigilance and adaptive strategies to maintain connectivity in an increasingly interconnected and volatile world.

Explore more

Aflac Japan Data Breach Impacts 4.4 Million Customers

Dominic Jainy is a veteran in the tech space, navigating the complex intersection of cybersecurity and artificial intelligence. With years of experience protecting high-stakes data through machine learning and blockchain, he offers a unique vantage point on why even the biggest insurance titans remain vulnerable to sophisticated extortion groups. Today, we delve into the recent security catastrophe at Aflac Japan,

Power Availability Dictates EMEA Data Center Growth

The unrelenting expansion of high-performance computing and artificial intelligence workloads across the European, Middle Eastern, and African markets has transformed energy procurement into the primary competitive differentiator for infrastructure developers today. While geographic proximity to end-users remains a relevant factor, the sheer scale of current deployments necessitates a pivot toward regions where the electrical grid can support multi-hundred megawatt campuses

How Does ARToken Bypass Microsoft 365 MFA?

A typical office worker receives a routine notification from what appears to be a legitimate SharePoint site, asking for a quick verification code to view a shared document. This seemingly harmless request arrives as an alphanumeric code on a professional Microsoft page, inviting the user to “verify” an identity. Because the interaction occurs entirely within official Microsoft domains, the employee

Is Your Oracle EBS Data Safe From Active Cyber Attacks?

Introduction Enterprise resource planning systems serve as the digital backbone of global commerce, yet hundreds of these critical platforms currently sit exposed to predatory actors on the open internet. Recent data reveals that nearly 950 Oracle E-Business Suite instances are directly reachable via the web, bypassing traditional security perimeters. This exposure coincides with the active exploitation of vulnerabilities that grant

Trend Analysis: AsyncRAT DLL Sideloading Tactics

In the modern cybersecurity landscape, “trust” has become a weapon, as threat actors increasingly hide malicious payloads within the very tools IT professionals use to secure their networks. The resurgence of AsyncRAT through sophisticated DLL sideloading and search engine optimization (SEO) poisoning represents a critical shift from traditional, easily filtered phishing to high-visibility, “living-off-the-land” attacks that bypass conventional perimeters. This