Now Reading
CrowdStrike crash raises questions about tech dependency
Dark Light
Northern Samar bans single-use plastic
Return to Ginebra all up to Brownlee
WHO’S CRYING NOW?
IT REALLY IS ABOUT LESSONS LEARNED
WINGS OF THE EAGLES
Generals brace for clash vs Pirates
BLEEDING FOR A WIN

CrowdStrike crash raises questions about tech dependency

AFP

WASHINGTON—Catastrophic computer outages caused by a software update from one company have once again exposed the dangers of global technological dependence on a handful of players, experts warned on Friday.A flawed update sent out by the little-known security firm CrowdStrike brought airlines, TV stations and myriad other aspects of daily life to a standstill.The outages affected companies or individuals that use CrowdStrike on the Microsoft Windows platform: when they applied the update, the incompatible software crashed computers into a frozen state known as the “Blue Screen of Death.”

“Today CrowdStrike has become a household name, but not in a good way, and this will take time to settle down,” said Dan Ives of Wedbush Securities.

The breakdown quickly fueled discussions about internet giants’ power over the increasingly digital world economy, with more activity now taking place in the computing “cloud” or on a few apps or platforms.

Just ‘a taste’

When those platforms have flaws—or are deliberately attacked—the world seems to collapse.

In recent months, entire health-care systems and industries have been paralyzed after hackers infiltrated their systems, leaving consumers at their wits’ end and companies at a loss.

“I think we’re just getting a taste of some potential effects of real reliance by the financial sector and sectors across the economy on a handful of cloud companies and other key systems,” Rohit Chopra, director of the US Consumer Financial Protection Bureau, told CNBC.

“There are just a handful of big cloud companies where so much of the economy is now resting.”

The world has seen a major shift to cloud computing, where companies use servers offered by big tech giants for their computing needs instead of their own infrastructure.

Amazon, through its AWS company, is the world leader, followed by Microsoft’s Azure and Google Cloud.

Friday’s breakdown was caused by a malfunctioning software update fed to Microsoft Windows users by CrowdStrike, which specializes in cybersecurity for cloud-based companies.

“We’re deeply sorry for the impact we’ve caused to customers, travelers, and anyone affected by this,” CrowdStrike CEO Kurtz said in an interview on NBC’s “Today” show.

Microsoft blamed the problems on CrowdStrike, but industry insiders warned that the issue stems from entrusting the digital world to just a few key companies.

“It’s going to continue to raise issues for systems or businesses wholly dependent on Microsoft—this issue of concentration risk,” Michael Daniel, former White House cybersecurity coordinator and current head of the Cyber Threat Alliance told Agence France-Presse (AFP).

“How do you balance the benefits of having everybody on the same operating system with the concentration risk that poses?” said Daniel.

See Also

Callie Guenther, senior manager of cyberthreat research at Critical Start, warned that the shift to big players amplifies the impact of any system failure or vulnerability.

One error, like CrowdStrike’s on Friday, threatens society’s smooth functioning worldwide, she said.

ORLANDO, FLORIDA – JULY 19: Passengers wait for new flight assignments due to the global communications outage caused by CrowdStrike at Orlando International Airport on July 19, 2024, in Orlando, Florida. Businesses and airlines worldwide continue to be affected by a global technology outage attributed to a software update administered by CrowdStrike, a cybersecurity firm whose software is used by various industries around the world. Miguel J. Rodriguez Carrillo/Getty Images/AFP (Photo by Miguel J. Rodriguez Carrillo / GETTY IMAGES NORTH AMERICA / Getty Images via AFP).

No contingency plan

Andrius Minkevicius, cofounder of Cyber Upgrade, a cybersecurity company, said that businesses must fight the complacency often associated with outsourcing technology to the big vendors.

“Today, we’re seeing an example of those who relied mostly on vendor-offered cyber protection without additional contingency plans and are now suffering reputational and financial damage,” he said.

Experts warn that this incident will likely invite scrutiny from regulators and officials.

“CrowdStrike will probably have to let some outside people come in and examine how this happened,” said Cyber Threat Alliance’s Daniel. —AFP


© The Philippine Daily Inquirer, Inc.
All Rights Reserved.

Scroll To Top