When computers and IT systems around the world crashed simultaneously on Friday, paralyzing airports and Social Security offices and limiting prison operations, many people asked themselves one question, CNN writes: How could this happen in 2024?
A software update from the US-based cyber security firm CrowdStrike has caused all the chaos, highlighting the fragility of the global economy and its dependence on computer systems that few ordinary people pay attention to.
“Many people believe that when the end of the world comes, AI will take over some kind of nuclear power plant and turn off the electricity,” joked Costin Raiu, a cyber security researcher, speaking to CNN. “Although in reality it’s much more likely to be a small piece of code in a botched update, causing a cascading reaction across interdependent cloud systems.”
Software updates are critical to keeping computers continuously protected from hackers. It is essential, however, that the update process itself is carried out correctly and is itself protected against breaches. This implicit trust in the process – which some say is too great – has just been compromised.
CrowdStrike is everywhere
Numerous Fortune 500 companies use CrowdStrike software to detect and block cyber threats. This time, computers running Microsoft Windows, one of the world’s most popular computer programs, crashed because of the way a code update issued by CrowdStrike interacted with Windows.
CrowdStrike, a multi-billion dollar firm, has expanded its network worldwide in its more than ten years of operation. Many more businesses and governments are now protected from cyber threats as a result; on the other hand, the dominance of a small number of firms in the antivirus and threat detection market comes with its own risks, according to experts.
“We trust cyber security providers widely, but in the absence of diversity, we have created fragility in our technological ecosystem,” Munish Walther-Puri, former New York City cyber risk director, told CNN.
“Market ‘gain’ can aggregate risk, and then we all – consumers and companies alike – bear the costs,” Walther-Puri said.
How it can be prevented from happening again
The wide range of critical infrastructure providers affected by the cyber outages is also likely to raise new questions among US officials and corporate executives about the need for new tools to avoid potential catastrophes in the future.
Asked about Friday’s outages, Anne Neuberger, a senior White House technology and cybersecurity official, spoke of the “risks of consolidation” in the technology supply chain.
“We need to really think about our digital resilience not just in terms of the systems we manage, but also the globally connected security systems, the risks of consolidation, how we manage that consolidation and how we ensure that if an incident occurs, it can be contained, and we can recover quickly,” Neuberger said at the Aspen Security Forum in response to a question about computer system vulnerabilities.
Friday’s chaotic scenario did not involve any malicious actor, but government officials around the world are likely to ponder what might have happened.
The 2020 hack of the US government through SolarWinds software, which US officials blamed on Russia, came via an update targeted by hackers. But this one was nowhere near as disruptive, while an alleged Russian hack in 2017 caused billions of dollars in damage to the global economy after malicious code spread like wildfire.
The CrowdStrike episode “demonstrates the serious harm that could be caused by a malicious adversary if he had that intention,” Tobias Feakin, former ambassador for cyber security and critical technology in the Australian foreign ministry, explained to CNN.
The bugs were caused by “an incorrect update to a piece of software called Falcon, produced by CrowdStrike, an anti-malware tool frequently used by many companies around the world,” a cybersecurity expert told The Guardian, according to Deutsche Welle.
“The problem has been identified and isolated and a remedial solution has been introduced,” announced, after several hours, George Kurtz, the executive chairman and founder of CrowdStrike, based in Austin, Texas. The flaw appeared “in a single content update for Windows hosts.”