up call for resilient cyber security

Home>>

(Xinhua) 08:18, July 22, 2024

* Just hours following the outage, scams, phishing emails, and other criminal activities started to target CrowdStrike customers concerning the incident, under the guise of customer service and technical support.

* The fact that the largest global IT outage so far was caused not by cyberattacks or ill-intentioned actors but, ironically, by a routine update from a cybersecurity software, has once again exposed the systemic risk stemming from an increasingly omniscient and intertwined digital infrastructure and a world which relies on it.

* While individual organizations are recommended to spend more resources on off-grid back-ups and staff training over working without computers, some argue the incident showcases the urgency to regulate the highly monopolized market.

Long queues of passengers are seen in front of check-in counters in Singapore's Changi Airport on July 19, 2024. (Photo by Then Chih Wey/Xinhua)

BEIJING, July 21 (Xinhua) -- Airlines, media, retailers, hospitals, banks, and essentially, any organization that relied on CrowdStrike's service to protect their Microsoft system from viruses and malware, are still recovering from the unprecedented global IT outage on Friday, with 8.5 million Windows devices affected.

Experts and analysts regard the incident as a wake-up call for a more resilient and less monopolized global digital infrastructure, warning that the world will be more vulnerable facing such disruptions, which could become a "new normal."

UNPRECEDENTED OUTAGE

On Friday, customers across the world of CrowdStrike, a cybersecurity firm based in Austin, Texas, started to see the "blue screen of death" on their Windows system after installing a faulty Falcon sensor update on Thursday night.

Essentially, Falcon monitors what is happening on the computers on which it is installed and looks for signs of nefarious activity (such as malware). This means that Falcon is deeply integrated into Microsoft's system to the extent that when it falters, the system does too.

"We currently estimate that CrowdStrike's update affected 8.5 million Windows devices, or less than one percent of all Windows machines," said Microsoft in its blog post on Saturday.

Following what Microsoft calls "significant incidents," the company said it has "maintained ongoing communication with customers, and is working with CrowdStrike and external developers to collect information and expedite solutions."

A banking ATM is out of service in Istanbul, Türkiye, July 19, 2024. (Xinhua/Liu Lei)

Just hours following the outage, scams, phishing emails, and other criminal activities started to target CrowdStrike customers concerning the incident, under the guise of customer service and technical support.

"The scale of this outage is unprecedented, and will no doubt go down in history," said Dr. Junade Ali, a cybersecurity expert and fellow at the London-based Institution of Engineering and Technology.

"Unlike some previous outages that targeted Internet infrastructure, this situation directly impacts end-user computers and could require manual intervention to resolve, posing a significant challenge for IT teams globally," Ali added.

Experts estimate a full recovery from a disruption at such a scale will take weeks. "It seems that millions of computers are going to have to be fixed by hand," said Mikko Hypponen, chief research officer at WithSecure, a cybersecurity company.

Recovery is particularly challenging for small and medium-sized enterprises, which have fewer resources and IT staff to do the manual fixing, said Joe Tidy, a BBC cyber correspondent on Friday.

MORE DISRUPTIONS TO COME

Almost 30,000 flights were delayed on Friday and nearly 7,000 were canceled worldwide, according to Euronews.

The incident resulted in a significant drop in CrowdStrike's value, wiping billions off the company's market value when trading opened on Friday. The same day, Wall Street's major indexes declined, exacerbating a sell-off fueled by tech stocks and mixed earnings reports.

"The outage is likely to intensify regulations for critical services and risk management," said Dr. Madeleine Stevens, an IT expert at Liverpool John Moores University.

"Despite the incident not being a cyberattack, consumer skepticism will inadvertently be impacted, and this unintended demonstration of our cyber vulnerability will raise significant challenges for IT service providers," Stevens said.

Passengers wait at Milwaukee Mitchell International Airport in Milwaukee, Wisconsin, the United States, on July 19, 2024. (Xinhua/Wu Xiaoling)