A catastrophic software update issued by cybersecurity firm CrowdStrike on Friday sent shockwaves through the global tech ecosystem, causing widespread disruptions to airlines, banks, businesses, and healthcare providers.
Speaking to AIM, Omer Grossman, chief information officer (CIO) at CyberArk, an information security company, called it one of the most significant cyber failures of 2024. “The damage to business processes at the global level is dramatic,” he said.
Excluding Microsoft, US Fortune 500 companies are said to face $5.4 billion in financial losses due to the Windows outage.
What Went Wrong?
In a blog post, CrowdStrike CEO George Kurtz attributed the widespread disruption to a “logic error” within a sensor configuration update released on July 19. This update caused Windows systems to crash, resulting in a “blue screen of death” for numerous devices.
While CrowdStrike swiftly released a fix, restoring full functionality is expected to take several days. “Due to the severity of the system crashes, affected devices require manual intervention to recover. This painstaking process, involving individual attention to each endpoint, is expected to take several days,” Omer said.
Realisation Has Hit India
The outage significantly disrupted critical services in India. Flight operations were severely impacted, causing delays and affecting booking systems for major airlines such as IndiGo, Akasa Air, and SpiceJet.
Additionally, payment systems and other essential services were affected.
Many airline operators had to turn to handwritten boarding passes to maintain operations. Akshay Kothari, a passenger, turned to X to show off his boarding pass, which was filled in using a blue pen.
The outage has also forced many companies to look for ways to avoid single points of failure and to re-evaluate their cloud strategies to prevent any ‘blue screen of death’ incidents.
Sumit Rajan Srivastava, solution engineering director, CyberArk, said that in recent times, major Indian companies have started taking their safety seriously.
“Earlier, Indian companies thought that cyber attacks are about the West, it’s about the banks, it’s about the financial institutions and won’t affect us. But now the manufacturing companies, the utilities companies, the hospitals, the pharma companies, they all now understand that they can be breached,” he said.
He also said that securing industrial control systems and preventing disruptions to critical infrastructure is a growing concern. The increasing number of interconnected devices expands the potential attack surface.
“As a result, organisations must implement a comprehensive security strategy that protects both digital and physical assets,” Srivastava added.
Third-Party Problems
The incident has exposed the vulnerabilities of heavily interconnected systems and the potential consequences of even minor software errors.
As the world becomes increasingly reliant on technology, the need for robust security measures and disaster recovery plans is paramount.
Organisations heavily rely on third-party vendors for various services, from software development to supply chain management. “However, these dependencies introduce significant security risks. A breach at a third-party vendor can compromise the security of the entire ecosystem,” Srivastava said.
Need for Alternatives
The outage has forced CIOs to question the resilience of their cloud environments and explore alternative strategies.
In a recent interview, Abhishek Gupta, CIO at DishTV, said, “When an issue of such magnitude happens and causes such a big disruption, it is important and necessary to revisit your existing beliefs, decisions, and tradeoffs that went into arriving at the current architecture.”
The solution, according to Srivastava, is to have a multi-cloud environment. “Until last year, a lot of companies went for one or two cloud [management systems]. Now, most of them have at least three,” he said.
“Earlier, it was all about IT security, securing the servers, and network devices. But now, the manufacturing organisations understand that if a breach happens in their plant, their entire plant can be shut down,” he added.