Science & Technology Cyber Security

Cybersecurity and Infrastructure Security Agency (CISA)

20 July
CrowdStrike update that caused global outage likely skipped checks, experts say
the global impact of this outage reflects CrowdStrike’s dominance. Over half of Fortune 500 companies and many government bodies such as the top U.S. cybersecurity agency itself, the Cybersecurity and Infrastructure Security Agency, use the company’s software.
By Zeba Siddiqui
(Reuters) – Security experts said CrowdStrike’s routine update of its widely used cybersecurity software, which caused clients’ computer systems to crash globally on Friday, apparently did not undergo adequate quality checks before it was deployed.
The latest version of its Falcon sensor software was meant to make CrowdStrike clients’ systems more secure against hacking by updating the threats it defends against. But faulty code in the update files resulted in one of the most widespread tech outages in recent years for companies using Microsoft’s Windows operating system.
Global banks, airlines, hospitals and government offices were disrupted. CrowdStrike released information to fix affected systems, but experts said getting them back online would take time as it required manually weeding out the flawed code.

19 July
Tech Meltdown Collapses Systems Worldwide
(Bloomberg) In what may go down as the most spectacular IT meltdown the world has ever seen, a botched software update from cybersecurity firm CrowdStrike crashed countless Microsoft Windows computer systems all over the world, idling airlines, banks, hospitals and even the London Stock Exchange. For several hours, bankers in Hong Kong, doctors in the UK and emergency personnel in New Hampshire found themselves locked out of programs critical to keeping their operations afloat. There are precedents for such outages. In 2017, a series of errors within Amazon’s cloud service affected the operation of tens of thousands of websites. In 2021, issues at content delivery network Fastly took out several media networks. Disruptions also incapacitated Amazon’s AWS cloud service. But none of those approached the scale of the CrowdStrike outage, whose repercussions are still being felt. “I don’t think it’s too early to call it,” Australian security consultant Troy Hunt said in a social media post. “This will be the largest IT outage in history.”
Parmy Olson writes in Bloomberg Opinion that one of the most disturbing things about Friday’s devastating global outage is how routine such ruinous events have become. This time however, the scale was unprecedented. That should spur Microsoft and other IT firms to do more than simply administer a band-aid, Olson says.

CrowdStrike IT outage affected 8.5 million Windows devices, Microsoft says
(BBC) Microsoft says it estimates that 8.5m computers around the world were disabled by the global IT outage.
It’s the first time a figure has been put on the incident and suggests it could be the worst cyber event in history.
The glitch came from a security company called CrowdStrike which sent out a corrupted software update to its huge number of customers.
Microsoft, which is helping customers recover said in a blog post: “we currently estimate that CrowdStrike’s update affected 8.5 million Windows devices.”
The number given by Microsoft means it is probably the largest ever cyber-event, eclipsing all previous hacks and outages.
The closest to this is the WannaCry cyber-attack in 2017 that is estimated to have impacted around 300,000 computers in 150 countries. There was a similar costly and disruptive attack called NotPetya a month later.
There was also a major six-hour outage in 2021 at Meta, which runs Instagram, Facebook and WhatsApp. But that was largely contained to the social media giant and some linked partners.

The CrowdStrike Failure Was a Warning
Digital disaster should not happen so easily.
Crucial systems across the world collapsed on Friday, triggered by one mistake in a single company. The CrowdStrike outage hit banks, airlines, and health-care systems. It may end up being the worst information-technology disaster in history.
This was not, however, an unforeseeable freak accident, nor will it be the last of its kind. Instead, the devastation was the inevitable outcome of modern social systems that have been designed for hyperconnected optimization, not decentralized resilience
It’s an unwise choice to have so much critical infrastructure riding on one company or one batch of digital code. Societies will be less vulnerable if social systems rely on a more diverse digital array of companies, if those companies are required to follow more stringent testing for updates, and if critical infrastructure has more redundancy so that it can continue operating safely even when one component breaks.