Posted: 2024-07-20 02:47:29

What happened on Friday is almost certainly the result of a perfect storm: an update too urgent to wait for further testing, or an issue that couldn’t be perceived within the limitations of the testing environment, caused a problem that couldn’t be addressed by the usual mitigations. Some bad updates can be fixed with another update or a rollback, but this one snowballed.

CrowdStrike chief executive George Kurtz has been in damage control since the issue became apparent, but in time, governments and companies globally will and should expect a full explanation of what happened and how it can be avoided in the future.

The global IT outage caused chaos at Sydney and other airports around the world.

The global IT outage caused chaos at Sydney and other airports around the world.Credit: Louise Kennerley

But we may end up having to reckon with the fact that these issues are unavoidable as long as cybercrime exists and millions of machines rely on the same few vendors for their software and protection.

Tony Anscombe, chief security evangelist at global security company ESET, said CrowdStrike shouldn’t necessarily be criticised for the problem. But the incident does highlight some issues in need of addressing.

Loading

“We should not lose sight of who is to blame when an incident such as this happens. If cybercriminals and nation state attackers did not create cyberthreats, then we would not need protection in real-time,” he said.

“Cybersecurity vendors are likely to be reviewing their update processes to ensure there are no gaps and to see how they can strengthen them.

“For me, the real learning comes that when a company reaches a significant market position, their dominance can cause a semi-monoculture event, one issue will then affect many.”

Get news and reviews on technology, gadgets and gaming in our Technology newsletter every Friday. Sign up here.

View More
  • 0 Comment(s)
Captcha Challenge
Reload Image
Type in the verification code above