As the fog of war lifts and we begin to pick up the pieces from today's catastrophic global Windows outage, I've been thinking seriously about the nature of our current digital society, and I must say I'm genuinely concerned.
Today's disaster is expected to be a relatively short-lived affair; within a few hours everything will appear to be back to normal, much to the chagrin of office workers who thought Microsoft Teams was dead and they could take Friday off. But this outage was symptomatic of a larger, often forgotten problem: the world has become too dependent on a small number of software platforms, and a vulnerability in those platforms is a vulnerability for everyone.
So what exactly happened?
If you've already been following the Windows service outage that occurred today, July 19, feel free to skip a couple of paragraphs. In any case, I'll try to keep this explanation brief.
What basically happened was a malfunction in the CrowdStrike Falcon endpoint protection software (a sort of sophisticated cybersecurity platform for businesses, like an antivirus on steroids) that caused a wave of “blue screens of death” to hit Windows PCs in businesses around the world. While the exact nature of the bug has yet to be revealed, it’s likely that it was able to cause such a large impact specifically because endpoint protection programs like this have high-level access to, and control over, your system.
Considering how many businesses and public services rely on Windows to function on a daily basis, and how widely CrowdStrike’s cybersecurity software has been deployed in recent years, it was perhaps inevitable that something like this would eventually happen.
CrowdStrike and Microsoft wanted to remind users that the outage was not caused by a “security incident or cyberattack,” but rather by an isolated malfunction within a routine update that has since been identified and fixed by the CrowdStrike team.
CrowdStrike is actively working with customers affected by a flaw discovered in a single content update for Windows hosts. Mac and Linux hosts are not affected. This is not a security incident or cyberattack. The issue has been identified, isolated, and a fix has been implemented.
July 19, 2024
But everything is okay now, right?
Wrong. If this doesn't concern you, I don't know what to tell you: this outage only lasted a few hours and was likely due to a simple combination of human and system error, and yet it still caused a tremendous amount of trouble.
From the absurd (British pubs can’t accept app orders) to the dire (Alaska’s 911 service is completely shut down), the repercussions were wide-ranging and varied. It’s easy to forget how reliant our global digital infrastructure has become on platforms like Windows, Google, and AWS. It sounds ridiculous to say that a blue screen issue on Windows PCs could prevent you from buying groceries at your local supermarket, and yet that’s exactly what thousands of people experienced this morning.
I don't know for sure if anyone actually died as a result of this disruption, but it is not out of the realm of possibility. With emergency phone lines out of service in parts of the US while doctors' offices and hospitals are experiencing severe problems in the UK, the impact on the healthcare industry was significant, albeit temporary.
Healthcare is a problematic sector for modern software
When I was being treated for lymphoma, before I started working here at TechRadar, I wrote for Maximum PC magazine about my experiences observing technology in hospitals. While the medical hardware itself was generally modern, cutting-edge technology, it was frequently connected to outdated laptops and notebooks running Windows 7, Vista or even XP – an operating system that will be 21 years old in August. According to the most recent reports, older Windows devices were the worst affected.
Those operating systems are no longer receiving critical security and stability updates from Microsoft, and Windows 7 reached its official “end of life” in January 2020. This increases the need for third-party cybersecurity tools like those offered by CrowdStrike — but, as we saw today, that introduces even more points in the process where things can go wrong.
Healthcare is a critical industry, and when disasters like this happen, lives are put at risk. But the repercussions go far beyond any one industry – for example, most US airlines were affected by the blackout, throwing flight terminals into chaos, and those massive delays will no doubt have had a ripple effect across virtually every industry as people arrive late for important meetings.
And that's not even taking into account the social side of things: How many people at any given time in the United States take a last-minute flight to see the birth of a child or the final moments of a family member?
This was an accident; next time, it might not be.
While it's very likely that the CrowdStrike flaw was an honest coding error, I'd be lying if I said I wasn't deeply concerned about the potential damage that intentional attacks could cause.
Cybercriminals are already at work: with CrowdStrike security systems likely disabled on many of the affected systems at the moment, it could be open season for cybercrime as hackers work overtime to uncover new potential vulnerabilities. As we noted in our live blog, we’re also likely to see a marked increase in phishing attempts, with emails and direct messages urging affected users to click on suspicious links or download substitute CrowdStrike apps.
It really puts things into perspective to see how much damage a wrong piece of code in the right place can do to our global technology infrastructure. This brief outage was caused by a single unauthorized driver update – imagine what a dedicated hacker or disgruntled tech employee could do with the right access.
So what is the solution? Unfortunately, there is no easy solution. While the problem originated with CrowdStrike, I must place at least some of the blame on Microsoft: while I understand that it needs to make money, allowing critical infrastructures like hospitals and emergency services to continue using outdated, unsupported systems that are more vulnerable to cyberattacks and failures is simply unacceptable.
Perhaps today is a wake-up call for the software industry that better digital security and less interdependence of systems are necessary changes, but somehow, I doubt that is the case.