Very late Thursday night, the world got a firsthand look at how vulnerable our computer infrastructure is. A glitch in an update to cybersecurity firm CrowdStrike’s Falcon Sensor tool pushed out by engineers caused a catastrophic error that resulted in potentially millions of Windows computers worldwide crashing into a blue screen of death.
That has created utter chaos for the masses of people affected by such a wide-ranging, yet elementary error that can cause such havoc around the world. Hospital appointments and surgeries have been canceled in Austria as a result of the issue. Airports closed in Germany. The UK stock exchange encountered issues. Airlines in Japan grounded flights. Banks and supermarkets went offline in India, Australia, and elsewhere.
CrowdStrike said in a statement Friday it has “identified, isolated and a fix has been deployed.” But the damage has in some cases already been done. We’re left now with a big, terrifying, realization: Many of the people in charge of our global digital systems rely on a single software vendor as a point of failure (one estimate suggests CrowdStrike accounts for 24% of the security market), and when that vendor itself screws up, we’re all left picking up the pieces.
“What is unique about this incident is the scale at which it has taken place, likely wiping billions from the global economy due to global, widespread downtime,” says Neatsun Ziv, CEO of OX Security, a cybersecurity firm. It also wiped billions from CrowdStrike’s balance sheet, as its stock price tumbled in early trading Friday.
Yet this is not the first example of a single company’s failures affecting massive global networks. We’ve seen scores of massive internet outages as a result of failures on the part of cloud web hosts and other system providers. The world should have learned its lesson from any one of those incidents, whether the September 2020 outage of Microsoft 365 software, or the nationwide cell outage in February 2024, or even the U.S. utilities attack in April this year.
“It’s important that lessons are learned from [the CrowdStrike] incident to reduce the likelihood of it happening again,” says Simon Newman, cofounder of Cyber London and a member of the International Cyber Expo advisory council. “I would encourage all organizations to review their supply chain resilience regularly.”
However, we haven’t, and we probably won’t this time either. The whizz-bang tech solutions we rely on day in day out are often less polished than they appear. While they seem to be slickly developed and coded, and are by design for marketing purposes faceless, they’re the result of hard-working humans coding every line and checking every element of them. And humans make mistakes.
That this happens—and continues to happen—should help put to rest the idea that these systems are somehow infallible, and that nothing can ever go wrong with them. In a perfect world, we would game-plan around these inevitabilities, and create appropriate fail-safes. But that’s not the world we live in.
Inicia sesión para agregar comentarios
Otros mensajes en este grupo.
Danish artist Andreas Refsgaard has been combining generative AI with handcrafted prototypes to create unique glimpses of what’s ahead—a future that could one day make artists like him obsolete.
Is it time to BeReal again?
In 2022, the photo-sharing app surged in popularity, won Apple’s “App of the Year,” and even earned its own SNL skit. Once a day, at a random time, users were
A bipartisan group of lawmakers on Wednesday vowed to keep Chinese artificial i
Who’s monitoring the situation right now?
As headlines continue to be dominated by news of missile attacks, retaliations, and calls for ceasefire, there are no shortage of situations to
Hackers backing Tehran have targeted U.S. banks, defense contractors and
When Tony Bates became chairman and CEO of Genesys in 2019, the company was already a global leader in contact center software. But Bates was determined
