CrowdStrike crash raises questions about tech dependency

CrowdStrike crash raises questions about tech dependency

A flawed update sent out by the little-known security firm CrowdStrike brought airlines, TV stations, and myriad other aspects of daily life to a standstill
A flawed update sent out by the little-known security firm CrowdStrike brought airlines, TV stations, and myriad other aspects of daily life to a standstill. Photo: Raul ARBOLEDA / AFP
Source: AFP

Catastrophic computer outages caused by a software update from one company have once again exposed the dangers of global technological dependence on a handful of players, experts warned on Friday.

A flawed update sent out by the little-known security firm CrowdStrike brought airlines, TV stations, and myriad other aspects of daily life to a standstill.

The outages affected companies or individuals that use CrowdStrike on the Microsoft Windows platform: when they applied the update, the incompatible software crashed computers into a frozen state known as the "Blue Screen of Death."

"Today CrowdStrike has become a household name, but not in a good way, and this will take time to settle down," said Dan Ives of Wedbush Securities.

The breakdown quickly fueled discussions about internet giants' power over the increasingly digital world economy, with more activity now taking place in the computing "cloud" or on a few apps or platforms.

Read also

'Large-scale' IT outage hits companies worldwide

Just 'a taste'

The world has seen a major shift to cloud computing, where companies use servers offered by big tech giants for their computing needs
The world has seen a major shift to cloud computing, where companies use servers offered by big tech giants for their computing needs. Photo: OSCAR DEL POZO / AFP
Source: AFP

When those platforms have flaws -- or are deliberately attacked -- the world seems to collapse.

In recent months, entire healthcare systems and industries have been paralyzed after hackers infiltrated their systems, leaving consumers at their wits' end and companies at a loss.

"I think we're just getting a taste of some potential effects of real reliance by the financial sector and sectors across the economy on a handful of cloud companies and other key systems," Rohit Chopra, director of the US Consumer Financial Protection Bureau, told CNBC.

"There are just a handful of big cloud companies where so much of the economy is now resting."

The world has seen a major shift to cloud computing, where companies use servers offered by big tech giants for their computing needs instead of their own infrastructure.

Read also

US streaming rivals team up to catch Netflix

Amazon, through its AWS company, is the world leader, followed by Microsoft's Azure and Google Cloud.

Friday's breakdown was caused by a malfunctioning software update fed to Microsoft Windows users by CrowdStrike, which specializes in cybersecurity for cloud-based companies.

"We're deeply sorry for the impact we've caused to customers, travelers, and anyone affected by this," CrowdStrike CEO Kurtz said in an interview on NBC's "Today" show.

Microsoft blamed the problems on CrowdStrike, but industry insiders warned that the issue stems from entrusting the digital world to just a few key companies.

"It's going to continue to raise issues for systems or businesses wholly dependent on Microsoft -– this issue of concentration risk," Michael Daniel, former White House cybersecurity coordinator and current head of the Cyber Threat Alliance told AFP.

"How do you balance the benefits of having everybody on the same operating system with the concentration risk that poses?"

Read also

China's leaders vow to fight 'risks' plaguing economy

Callie Guenther, senior manager of cyber threat research at Critical Start, warned that the shift to big players amplifies the impact of any system failure or vulnerability.

One error, like CrowdStrike's on Friday, threatens society's smooth functioning worldwide, she said.

No contingency plan

The outages affected companies relying on Microsoft Windows software: When they applied the update, the incompatible software crashed computers into a lifeless state known as the "Blue Screen of Death"
The outages affected companies relying on Microsoft Windows software: When they applied the update, the incompatible software crashed computers into a lifeless state known as the "Blue Screen of Death". Photo: Money SHARMA / AFP
Source: AFP

Andrius Minkevicius, co-founder of Cyber Upgrade, a cybersecurity company, said that businesses must fight the complacency often associated with outsourcing technology to the big vendors.

"Today, we're seeing an example of those who relied mostly on vendor-offered cyber protection without additional contingency plans and are now suffering reputational and financial damage," he said.

Experts warn that this incident will likely invite scrutiny from regulators and officials.

"CrowdStrike will probably have to let some outside people come in and examine how this happened," said Cyber Threat Alliance's Daniel.

Source: AFP

Authors:
AFP avatar

AFP AFP text, photo, graphic, audio or video material shall not be published, broadcast, rewritten for broadcast or publication or redistributed directly or indirectly in any medium. AFP news material may not be stored in whole or in part in a computer or otherwise except for personal and non-commercial use. AFP will not be held liable for any delays, inaccuracies, errors or omissions in any AFP news material or in transmission or delivery of all or any part thereof or for any damages whatsoever. As a newswire service, AFP does not obtain releases from subjects, individuals, groups or entities contained in its photographs, videos, graphics or quoted in its texts. Further, no clearance is obtained from the owners of any trademarks or copyrighted materials whose marks and materials are included in AFP material. Therefore you will be solely responsible for obtaining any and all necessary releases from whatever individuals and/or entities necessary for any uses of AFP material.