Global IT outage is a wake-up call

XINHUA – Airlines, media, retailers, hospitals, banks and virtually all organizations that relied on CrowdStrike’s service to protect their Microsoft systems from viruses and malware are still recovering from Friday’s unprecedented global IT outage that affected 8.5 million Windows devices.

Experts and analysts see the incident as a wake-up call for a more resilient and less monopolized global digital infrastructure. They warn that the world will be more vulnerable to such disruptions, which could become a “new normal.”

UNPRECEDENTED OUTAGE

On Friday, customers around the world of CrowdStrike, a cybersecurity firm based in Austin, Texas, began seeing the “blue screen of death” on their Windows systems after installing a faulty Falcon sensor update Thursday night.

Falcon basically monitors the computers it is installed on and looks for signs of malicious activity (such as malware).

This means that Falcon is so deeply integrated into Microsoft’s system that if Falcon fails, the system fails.

“We currently estimate that the CrowdStrike update has affected 8.5 million Windows devices, or less than one percent of all Windows machines,” Microsoft said in its Saturday blog post.

After what Microsoft calls “significant incidents,” the company said it is “continuously communicating with customers and working with CrowdStrike and third-party developers to gather information and accelerate resolutions.”

An information display in New York City, United States. PHOTO: AP & AFP
Pedestrians walk past darkened screens in New York, United States. PHOTO: AP & AFP

Just hours after the outage, scams, phishing emails and other criminal activity began targeting CrowdStrike customers in relation to the incident, under the guise of customer service and technical support.

“The scale of this outage is unprecedented and will undoubtedly go down in history,” said Dr. Junade Ali, a cybersecurity expert and fellow at the London-based Institution of Engineering and Technology.

“Unlike previous outages that targeted internet infrastructure, this situation directly impacts end-user computers and may require manual intervention to resolve, posing a significant challenge to IT teams worldwide,” Ali added.

Experts estimate that it will take weeks to fully recover from a disruption on such a scale. “It looks like millions of computers will have to be manually repaired,” said Chief Research Officer Mikko Hypponen at WithSecure, a cybersecurity company.

Recovery is particularly challenging for small and medium-sized businesses, which have fewer resources and IT staff to carry out manual recovery, BBC cyber correspondent Joe Tidy said on Friday.

MORE DISRUPTIONS ON THE WAY

According to Euronews, nearly 30,000 flights were delayed and almost 7,000 flights were cancelled worldwide on Friday.

The incident resulted in a significant drop in CrowdStrike’s value, wiping billions off the company’s market value when trading began on Friday. That same day, Wall Street’s major indexes fell, exacerbating a selloff fueled by tech stocks and mixed earnings reports.

“The outage is likely to lead to tighter regulation of critical services and risk management,” said Dr Madeleine Stevens, an IT expert at Liverpool John Moores University.

“While the incident was not a cyberattack, consumer skepticism will be inadvertently affected, and this unintended demonstration of our cyber vulnerability will pose significant challenges for IT service providers,” Stevens said.

The fact that the largest global IT outage to date was caused not by cyberattacks or malicious parties, but ironically by a routine cybersecurity software update, has once again exposed the systemic risk posed by an increasingly omniscient and interconnected digital infrastructure and a world dependent on it.

According to John Bryson, Chair of Enterprise and Economic Geography at the University of Birmingham’s Birmingham Business School, more such ‘digital pandemics’ are expected as a result of increased global economic integration.

The global cyber-energy-production plexus, or the “multiple connections between telecommunications, energy and production networks,” exposes us all to unknown disruptions on an unprecedented scale, Bryson added.

According to Professor Axel Legay, computer scientist at the Catholic University of Leuven, a computer becomes more vulnerable the more it is connected.

“The more the software is interconnected, the more vulnerable we will be, because more and more software will interact with each other and it will increase,” Legay said in an interview.

BACKUPS AND ANTITRUST

The largest cyber incident to date has taught technology company stakeholders, regulators and businesses how to prepare for more frequent and widespread disruptions to digital infrastructure in the future.

“A core issue is the ability of a digitally enabled service function to switch instantly to manual,” Bryson said.

“In other words, there must be an opportunity to deliver services using paper-based rather than digital solutions. The real danger is that we all forget how to live and work in a pre-digital environment,” he said.

The IT expert also stressed the importance of companies having “air-gapped” backups, isolated from the cyber-energy-production plexus.

While individual organizations are being urged to devote more resources to off-grid backups and to training staff to operate without computers, some argue that the incident highlights the urgency of regulating the highly monopolized market.

The outage “is the result of a software monopoly that has become a single point of failure for too much of the global economy,” said George Rakis, executive director of NextGen Competition, whose group advocates for stricter enforcement of anti-monopoly laws, as quoted by The Washington Post on Saturday.

The report added that lawmakers from three congressional committees — House Oversight, House Homeland Security, and House Energy and Commerce — asked Microsoft and CrowdStrike to brief them on the cause and impact of the outage across agencies on Friday.

“When just three companies — Microsoft, Amazon and Alphabet Inc.’s Google — dominate the cloud computing market, one small incident can have global implications,” Parmy Olson, a Bloomberg Opinion columnist who covers technology, said on Friday.

Olson argues that policymakers can address the global reliance on just three cloud providers and push the big tech companies to do more than just put a Band-Aid on the wound.