As the fog of war recedes and we start to pick up the pieces of today’s catastrophic global Windows outage, I’ve been giving some serious thought to the nature of our current digital society – and I’ve got to say, I’m genuinely worried.
Today’s disaster will hopefully prove to be a relatively short-lived affair; a few hours and things seem to be going back to normal, much to the chagrin of office workers thinking Microsoft Teams was dead and they could take Friday off. But this outage was symptomatic of a larger, oft-forgotten problem: the world has grown too dependent on a small number of software platforms, and a vulnerability in those platforms is a vulnerability for everyone.
So what happened, exactly?
If you’ve already been closely following the Windows outage that occurred earlier today, July 19, feel free to skip ahead a couple of paragraphs. In any case, I’ll try to keep this explanation short.
What essentially occurred was a malfunction in the CrowdStrike Falcon endpoint protection software – a sort of sophisticated cybersecurity platform for businesses, think antivirus on steroids – that led to a wave of ‘Blue Screens of Death’ affecting Windows PCs at businesses all over the world. While the exact nature of the glitch has yet to be disclosed, it was likely able to cause such a huge impact specifically because endpoint protection programs like this are given high-level access to control your system so that they can quickly
Given how many businesses and public services rely on Windows to operate on a day-to-day basis, and how widely CrowdStrike’s cybersecurity software has been deployed over the past few years, it was perhaps inevitable that something like this would happen eventually.
CrowdStrike and Microsoft were keen to remind users that the outage was not caused by a “security incident or cyberattack”, but rather by an isolated malfunction within a routine update that has since been identified and fixed by CrowdStrike’s team.
CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We… (July 19, 2024)
Everything’s okay now though, right?
Wrong. If you’re not concerned about this, I don’t know what to tell you: this outage only lasted for a few hours and was likely caused by a simple combination of human and system error, and yet it still caused a tremendous amount of problems.
From the silly (British pubs not being able to take app orders) to the serious (Alaska 911 services going down completely), the impacts were wide-ranging and varied. It’s easy to forget how dependent our global digital infrastructure has become on platforms such as Windows, Google, and AWS. It sounds ridiculous to say that an issue with Windows PCs blue-screening could stop you from buying groceries at your local supermarket, and yet that’s exactly what thousands of people experienced this morning.
I don’t know for sure whether anyone actually died as a result of this outage, but it’s not beyond the bounds of possibility. With emergency phone lines going down in some parts of the US and doctors’ offices and hospitals experiencing serious issues in the UK, the impact on the healthcare industry was significant, albeit temporary.
Healthcare is a problem industry for modern software
Back when I was undergoing treatment for lymphoma, before I started here at TechRadar, I wrote for Maximum PC magazine about my experiences observing technology in hospitals. While the medical hardware itself was usually modern, advanced tech, it was frequently hooked up to outdated laptops and cart PCs running Windows 7, Vista, or even XP – an OS that will be turning 21 years old this August. According to the most recent reports, older Windows devices were the worst affected.
Those operating systems are no longer getting critical security and stability updates from Microsoft, with Windows 7 reaching its official ‘end of life’ in January 2020. This increases the need for third-party cybersecurity tools like those offered by CrowdStrike – but as we saw today, that introduces even more points in the pipeline where things can potentially go wrong.
Healthcare is a critical industry, and when disasters like this occur, lives are put at risk. But the impacts extend far beyond just one industry; for example, with the majority of US airline carriers affected by the outage, flight terminals were thrown into chaos, and those mass delays will undoubtedly have had a knock-on effect in virtually every industry as people are late for important meetings.
That’s not even taking into consideration the social aspect of things, either – how many people at any given moment in the US are catching a last-minute flight to see the birth of a child or the last moments of a family member?
This was an accident – next time, it might not be
While the CrowdStrike glitch was in all likelihood an honest coding mistake, I’d be lying if I said it doesn’t have me deeply concerned about the potential damage that intentional attacks could do.
Cybercriminals are already having a field day: with CrowdStrike’s security systems likely disabled on many impacted systems right now, it could be open season on cybercrime as hackers work overtime to discover potential new vulnerabilities. As we noted in our liveblog, it’s also likely that we’re going to see a sharp uptick in phishing attempts, with emails and DMs urging affected users to click dodgy links or download ersatz CrowdStrike apps.
It really puts things into perspective to see how much havoc can be wrought on our global tech infrastructure by the wrong piece of code in the right place. This short-lived outage was caused by a single rogue driver update – imagine what a dedicated hacker or a disgruntled tech employee could do with the right access.
So what’s the solution? Unfortunately, there’s no easy fix here. While the issue originated with CrowdStrike, I have to place at least some of the blame here on Microsoft’s doorstep: while I appreciate that it needs to make money, allowing critical infrastructure like hospitals and emergency services to continue using unsupported, outdated systems that are more vulnerable to cyberattacks and malfunctions is simply unacceptable.
Perhaps today will be a wake-up call for the software industry that better digital security and less system inter-reliance is a necessary change – but somehow, I doubt it will be.
christian.guyton@futurenet.com (Christian Guyton)