The world recently experienced a catastrophic IT outage that could take weeks to resolve, according to cybersecurity experts.
A defective software update by CrowdStrike resulted in Windows PCs being severely incapacitated. As a result, airlines, hospitals, banks and businesses were unable to gain access to their systems, leading to significant delays and limited-to-no services being operational.
Effects of the incident are still ongoing whilst CrowdStrike fixes the problem, with reports suggesting that a return to total normality could take weeks. In response, essential services and government entities now have questions over the resiliency of their digital infrastructure and whether they would be able to confront an outage of this scale if it were to happen again.
It also raises the debate over allowing one company or product to oversee all endpoints within a company.
The challenges of single-vendor reliance
CrowdStrike has been providing antivirus software to Microsoft for its Windows devices, in addition to many other industries worldwide. It offers services across banking, retail and healthcare, among others, to protect organisations from malicious actors and data breaches. The company is also the official cybersecurity partner of the Mercedes-AMG Petronas Formula One team, which was also impacted by the outage.
As a result of the global incident, the cybersecurity company lost one-fifth of its value overnight, which equated to a US$16bn valuation loss. Reuters has since reported that CrowdStrike shares have plummeted by 13%.
Having been founded in 2011, CrowdStrike has cemented a strong reputation as one of the leading cybersecurity companies in the world. It not only provides the aforementioned security software, but also investigates hacks and tracks hackers to protect customers.
Speaking on Friday in the midst of the outage, CrowdStrike CEO George Kurtz said in a statement that a fix had been deployed for the issue and that it was not the result of a cyberattack.
An update to CrowdStrike’s Falcon software was the root cause of the outage, with a bug within the update impacting roughly 8.5 million Windows PCs and servers around the world. According to Microsoft, this equates to less than 1% of all Windows machines.
“While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services,” the tech giant stated in a blog post about the IT outage.
Occurrences like these raise questions over third-party access to large corporations. For instance, as CrowdStrike software runs across the entire Windows system, a small defect can lead to total system blackout as evidenced in last week’s incident.
Remaining resilient in a digitally connected world
With businesses engaging more frequently with disruptive technologies like cloud computing, cybersecurity vendors are under high levels of pressure to keep up with new types of threats like ransomware attacks, phishing and AI-driven threats.
This involves the challenges of updating cybersecurity systems, highlighting a need for greater global resilience and treating cyber incidents as an inevitability moving forward.
“They have to be on their toes when it comes to product development and updates,” comments Sascha Giese, Global Tech Evangelist at SolarWinds. “This challenge extends to businesses using security software. Unlike many other solutions, most security tools are set to "auto-update," so updates roll out automatically.
“Given the nature of risks and threats, there's little time to test each update thoroughly, and most organisations lack the manpower for extensive testing,” he adds. “The priority now is to see how the vendor handles the communication, the fallout, and the fix.”
It also speaks to the importance of response, in addition to prevention. Treating IT outages as an inevitability could ultimately help governments and industry collaborate to improve flaws and boost preparedness moving forward.
Keiron Holyome, VP UK & Emerging Markets for BlackBerry Cybersecurity, suggests that the best defence is a good offence.
“Understanding your vulnerabilities and risks through regular testing is paramount, not only when deploying new software but consistently over time,” he explains. “To protect against potential threat actors who seek to take advantage of IT outages, a combination of AI-enabled internal and external penetration testing assessments remains vital.
“The performance and security of your systems is only as good as its least secure hardware and software components, so blind spots need to be addressed as a priority to keep companies operating as usual.”