Connected world

Global outage has lessons for the future

The outage caused by a flawed security update on Friday caused losses amounting to tens of billions of dollars, as it took down banks, hospitals, airlines, ports, stock exchanges, and several other businesses. But it could have been worse, and the silver lining to this cloud is that it will force organisations around the world to do better contingency planning for future disasters or cyber attacks. Indeed, insurance companies that will have to pick up big tabs will insist on a review of disaster-recovery practices. The outage was caused by a security update pushed out by cybersecurity provider Crowdstrike. This was automatically installed on many computers running Windows, especially on corporate networks hooked to the Microsoft Cloud (Azure). The update crashed millions of computers and drove organisations offline. Luckily the cause was diagnosed quickly and recovery appears to be a tedious, but not particularly difficult, process of rolling back the offending update.

This outage may be considered a “dry run” for a directed cyber attack. There are lessons to be learnt in terms of disaster-recovery protocols. Microsoft Windows is ubiquitous across the corporate landscape, which leads to a standardisation that is useful under most circumstances. Corporate workers, including information-technology (IT) departments, don’t need to be trained in multiple systems. Moreover, Microsoft is one of the big three when it comes to Cloud-based services and there are only a few cybersecurity companies overseeing security on millions of corporate computers. Again, standardisation is useful but it makes users more vulnerable at scale. A breakdown in services at any of the handful of very large organisations could lead to yet another massive disruption.
 

Another point to be noted is that office computers/laptops are usuallyconfigured to give users little control when it comes to fiddling with the Operating System (OS). Changes to the OS can be initiated only by the IT department, and updates are pushed out and installed automatically as happened in this instance. Even smart users who may have known enough to stop this disastrous update being installed did not have the permission to prevent it. Organisations that don’t use Windows, or ones that have not upgraded to newer versions of the Windows OS, were immune. The Windows monoculture and market-share concentrations in Cloud and cybersecurity services create tempting targets for cyber assaults: Hitting any one of these organisations will cause a cascade of problems. One obvious way to mitigate this specific issue is phased rollouts of updates so that bugs and glitches may be picked up before the vast majority of users are affected.
 

The outage took down networked systems for around 12 hours — that is about 0.1 per cent of 2024. Financial losses may eventually amount to a similar blip in global output. But the downside of a highly networked world where things work smoothly 99.9 per cent of the time is that it can be reduced to helplessness when things don’t work. This can mean life-and-death when it disrupts essential services in hospitals, for example. Working out more resilient backups and better fail safes is an imperative, given the way the world is networked. It must be hoped that Crowdstrike has inadvertently provided an incentive for companies all over the world to initiate those processes.