What’s next for CrowdStrike and Microsoft after update causes outage? A “painful” wake-up call?

By news-world24

It all started with a software update.

On Friday, Microsoft’s “blue screen of death” upended government agencies and companies across the nation, including emergency call centers, banks, airlines, and hospitals.

Although Microsoft said the main IT disruption was caused by a faulty software update from U.S. cybersecurity company CrowdStrike, the incident highlighted just how large a market share both businesses hold in their respective domains.

“When we use all the same vendors, then these sorts of things can become more pronounced when they do happen,” Dominic Sellitto, clinical assistant professor of management science and systems at the University at Buffalo School of Management in New York, said.

(Image; source: USA Today)

Why did the CrowdStrike outage occur?

According to a CrowdStrike statement, a flaw in a content update for its “Falcon” cybersecurity defence program for Windows hosts triggered the outage.

Computers running Mac and Linux operating systems were not affected, and CrowdStrike said the incident was not caused by a cyberattack.

New software always carries some possibility of bugs or faults, though most of the time they are small enough that the end user is oblivious, notes Tim Ehrenkaufer, assistant professor of aeronautical science at Embry-Riddle Aeronautical University in Florida.

On Friday, the country noticed: the issue affected everything from the Starbucks mobile app to 911 call centers.

“As businesses all over the world and governments and agencies and entities are dependent on single technology platforms, it does mean that these types of events are more and more and more painful,” Sellitto of the University at Buffalo said.

Microsoft and CrowdStrike market share

Over half of Fortune 500 organizations claim to be using CrowdStrike.

According to remarks made by Rep. Bennie Thompson, D-Miss., before the House Committee on Homeland Security last month, Microsoft’s Windows is among the most used operating systems worldwide, and the company supplies an estimated 85% of the productivity software used by the federal government.

“The world is complex and interdependent, and the fact is that the technology we use is global,” said Scott White, an assistant professor and director of the cybersecurity program and cyber academy at George Washington University in Washington, D.C. “We have grown depending on companies like (Microsoft).”

Does Congress have to intervene as well?

Within hours of the outage, several legislators and cybersecurity experts were debating whether Congress – or the Biden administration and the Department of Homeland Security – should put more legislative guardrails in place to ensure an outage of this kind never recurs.

Former DHS deputy assistant secretary for policy Paul Rosenzweig argued that requiring businesses and governments to maintain backup systems would be the best response to Friday’s outage.

Asking businesses to do it on their own would be extremely expensive, and few would follow through, Rosenzweig said. However, it would be difficult for Congress or the Biden administration to impose such a mandate without doing the same inside the government, which would be astronomically costly and time-consuming.

“It’s a fascinating question,” said Red Branch Consulting PLLC founder Rosenzweig, a homeland security and cybersecurity consultant. “The government cannot mandate people diversifying if it will not do it itself; and it is the biggest, if not certainly one of the biggest (Microsoft) clients.”

Rosenzweig also cautioned that an outage like Friday’s is likely to recur, perhaps with more dire consequences, so governments and the business sector must be ready.

“They have to spend extra money” to create greater protection including backups, he advised. “If businesses refuse to do that, this will happen either by accident like this time or by hostile action.”

Other cybersecurity experts contend that CrowdStrike bears sole responsibility for the failure, in ways that further government intervention would not help, and that the system works as it is.

“This incident seems to be a severe failure of quality control, not a malicious act,” cybersecurity strategist and former FBI counterintelligence official Eric O’Neill remarked of Friday’s paralysis. “While there will be damages assessed, regulation is unnecessary; the market will drive customers to other vendors or reassure them about CrowdStrike.”

O’Neill did warn, though, that better cybersecurity investment policies and best practices are essential, since the U.S. government “has reacted poorly in this crucial arena of critical infrastructure.”

Should the U.S. government assist CrowdStrike, which I consider to be too large to fail, taxpayers would pay the cost.

“Critical infrastructure and international collaborators”

Believing that the government cannot handle such worldwide events alone, DHS and its Cybersecurity and Infrastructure Security Agency have worked recently to build out a network of public and private sector alliances to assist it in responding.

Whether the issue is a cyberattack or a poor cybersecurity update, “educating the private sector and cybersecurity firms on what to do – and not to do – is a critical component of that,” CISA Director Jen Easterly told USA TODAY in a 2022 interview.

CISA said on Friday that it is “aware of the widespread outage affecting Microsoft Windows hosts due to an issue with a recent CrowdStrike update and is working closely with CrowdStrike and federal, state, local, tribal and territorial partners, as well as critical infrastructure and international partners to assess impacts and support remedial efforts.”

CISA also alerted its public and private partners to hackers and other “threat actors using this incident for phishing and other malicious activity.”

Where do businesses go from here?

After the worldwide outage, CrowdStrike and Microsoft business customers could choose different vendors, but that would not fix the core of the problem, said Javad Abed, assistant professor at the Carey Business School at Johns Hopkins University in Baltimore and a cybersecurity and data vulnerability expert.

“The CrowdStrike incident reminds us sharply that depending on one cybersecurity tool, regardless of vendor reputation, creates a dangerous single point of failure,” Abed stated. “And business continuity and protecting important operations depend on using several layers with several vendors.”

Any vendor or business can experience this kind of outage, Abed added, but one of the main ideas in cybersecurity is redundancy, so it is mostly avoidable.

Although expensive at first, building redundancy into the infrastructure would be an investment in preserving trust between companies and their customers, Abed said. Businesses should also reconsider their update release and testing policies, he advised.

The outage is a wake-up call for cybersecurity firms to change their practices, Abed added.
