A Mysterious Internet Outage Hits China: Understanding the Disruption

On the Internet, outages can occur for various reasons, but what transpired in China on August 20, 2025, was particularly striking. For 74 minutes, a major traffic conduit experienced a significant disruption, leading to applications stalling, websites becoming unresponsive, and critical services failing at border crossings. Unlike typical outages that may affect a localized area or a single operator, this disruption was more widespread, casting an uncomfortable silence across the digital landscape.

What failed was not the entire Internet but a specific and widely used segment: the channel facilitating encrypted connections. According to the GFW Report, the incident occurred between 00:34 and 01:48 Beijing time (UTC+8), impacting Port 443, which is crucial for HTTPS traffic. While this disruption was extensive, it didn’t extend to other communication ports, leaving experts puzzled over the root cause of the incident.

The Technical Breakdown: What Happened?

The technical analysis indicates a unique pattern during this outage. Whenever a connection was attempted on Port 443, an abnormal series of packets (specifically RST+ACK) appeared, effectively serving as a termination order. These packets are analogous to hanging up on a phone call before the person can answer, but they were intentionally inserted in vast quantities at critical points during client-server exchanges. Specialists confirmed that this pattern was not typical of a congestion-related failure and that it affected both outbound and inbound connections to and from China.

Selective Disruption: What’s the Scope?

Despite the serious disruption, not all services ceased to function. Internal connections within China remained operational, as did alternative ports like 80 (for non-encrypted traffic) and 22 (allocated for remote connections). This nuance explains why some applications continued to operate while others were obstructed: it wasn’t a total outage, but rather a highly selective interruption targeting the encryption process required for accessing data across the national border.

There are currently no public records indicating that major platforms such as WeChat, Baidu, or Weibo faced a widespread failure during this period. Most of these services primarily operate within China and do not rely on international connections for their basic functionalities. However, several Chinese applications utilize components reliant on external servers, such as mini-programs, APIs, or cloud functionalities, and these interactions could have faltered amid the encrypted traffic interruption.

The Impact on International Services

The consequences were more pronounced for international services. As reported by The Register, disruptions affected parts of connections to foreign services, including functionalities of companies like Apple and Tesla, for users attempting to access their services from within China during the outage window. Other international services relying on HTTPS, like certain content delivery networks (CDNs) and VPN solutions using TCP/443, were also impacted. In essence, the internal network remained intact, but the encrypted pathway was severed, which was sufficient to leave many international users stranded.

Signs of Intrusion: Analyzing the Patterns

One of the most compelling clues lies within the technical footprint left by the disruption. Each system tasked with filtering or interrupting connections leaves a distinct trail, also referred to as a fingerprint, characterized by its packet ordering, TTL, and TCP window size. In this instance, the recorded values deviated from past incidents, leading researchers to propose two potential hypotheses: either a new system deployed for testing or a pre-existing device that was malfunctioning or poorly configured. Until more information surfaces, these conclusions remain speculative.
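
The fingerprinting idea described above can be sketched as a small detection routine. This is an added example, not code from the GFW Report or any researcher cited here: it flags RST+ACK packets on port 443 whose TTL disagrees with what the same remote host sends on its other, unaffected traffic, then groups them by (TTL, window). The capture, addresses, TTL and window values, function names and tolerance are all constructed for illustration.

```python
from collections import Counter, defaultdict
from statistics import median

# Constructed sample capture (not data from the incident).
# Fields: src, sport, dst, dport, TCP flags, IP TTL, TCP window.
CAPTURE = [
    # Port 80 to host A completes normally: gives host A's genuine TTL.
    ("10.0.0.5", 50001, "203.0.113.7", 80, "S", 64, 64240),
    ("203.0.113.7", 80, "10.0.0.5", 50001, "SA", 49, 65160),
    ("203.0.113.7", 80, "10.0.0.5", 50001, "PA", 49, 501),
    # Port 443 to host A: SYN answered by three RST+ACKs with a foreign TTL.
    ("10.0.0.5", 50002, "203.0.113.7", 443, "S", 64, 64240),
    ("203.0.113.7", 443, "10.0.0.5", 50002, "RA", 112, 1024),
    ("203.0.113.7", 443, "10.0.0.5", 50002, "RA", 112, 1024),
    ("203.0.113.7", 443, "10.0.0.5", 50002, "RA", 112, 1024),
    # Host B really has 443 closed: its RST+ACK carries its usual TTL.
    ("198.51.100.9", 80, "10.0.0.5", 50003, "SA", 52, 65160),
    ("10.0.0.5", 50004, "198.51.100.9", 443, "S", 64, 64240),
    ("198.51.100.9", 443, "10.0.0.5", 50004, "RA", 52, 0),
]

def suspect_resets(packets, port=443, tolerance=2):
    """Return RST+ACKs sent from `port` whose TTL disagrees with the sender's baseline."""
    baseline = defaultdict(list)
    for src, _sport, _dst, _dport, flags, ttl, _win in packets:
        if "R" not in flags:              # resets are what we are judging, so exclude them
            baseline[src].append(ttl)
    suspects = []
    for pkt in packets:
        src, sport, _dst, _dport, flags, ttl, _win = pkt
        seen = baseline.get(src)
        if flags != "RA" or sport != port or not seen:
            continue                      # no baseline for this sender: cannot judge
        if abs(ttl - median(seen)) > tolerance:
            suspects.append(pkt)
    return suspects

def fingerprints(suspects):
    """Count (TTL, window) pairs so resets from different injectors can be told apart."""
    return Counter((ttl, win) for *_, ttl, win in suspects)

if __name__ == "__main__":
    hits = suspect_resets(CAPTURE)
    for (ttl, win), n in fingerprints(hits).items():
        print(f"{n} suspect RST+ACK(s) on 443: ttl={ttl} window={win}")
```

A TTL mismatch is a heuristic, since route changes can shift a host's TTL by a few hops, which is why the comparison uses a tolerance and a per-host median.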

While traffic eventually returned to normal and no large-scale repercussions were visible, the outage itself was documented, and it leaves unanswered questions in its wake. There were no official statements or explanations provided. However, the notorious Great Firewall continues to operate, showcasing its ability to intervene seamlessly within the digital realm.
