As companies and institutions continue to recover from the weekend global IT outage, very few people saw the source of such an issue. Many have been highlighting our overdependence on IT, most notably the Internet, but apparently one simple rogue Windows update brought the worldwide system (or most of it) to its knees.

 

What exactly happened?

 

Cybersecurity firm CrowdStrike issued a faulty security update that caused Microsoft Windows computers to crash. It is estimated that around 8.5 million computers were hit by the update, creating the worst IT outage in recent history. Even today, many systems are still struggling to get back online, although the worst appears to be over, at least for the moment!

 

How broad was the impact?

 

Shoppers, those attempting to travel overseas or withdraw money from their bank, would likely have experienced the aftermath of the IT outage. Businesses, banks, hospitals, and airlines were amongst the worst hit, with CrowdStrike said to have a client list of 29,000 of the largest companies and institutions in the world. Even though the worst is over, more than 1,400 flights into or out of the US were cancelled on Sunday.

 

While it is still unclear how the rogue security update was allowed to pass so many security checks and bring down the global system, it has cast an unwelcome spotlight on the vulnerability of international computer networks. If one simple error is able to take down the system, what could a concerted cyber-terrorist attack achieve?

 

China unaffected by the global IT outage

 

Many experts were quick to highlight the Chinese economy, which, due to government policies restricting the use of influential overseas IT services such as CrowdStrike, was unscathed by the outage. It is likely that many governments will now follow the Chinese authorities in taking back control of their cyberspace and broader security.

 

Looking to the future

 

While action has been taken to rectify flaws exposed by the rogue Windows update, this issue has highlighted the potential ease with which terrorists could gain access to global networks. Even though cybersecurity has been a prominent issue amongst global regulators, we are likely to see the introduction of more stringent regulatory liabilities and much larger fines in the future.

 

Millions of customers around the world will also be concerned about the apparent ease with which global networks were compromised. Consequently, we will likely see more companies and institutions making public their cybersecurity strategies to allay their clients' fears. The knock-on effect is only just beginning!

 

Summary

 

Very few people had heard of CrowdStrike before the weekend global outage, illustrating how the sector tends to "fly under the radar". This is likely to change going forward, and whether by choice or legislation, surely the days of such hugely influential companies are numbered.

 

While an overdependence on global IT networks has always been seen as an acceptable price to pay for the introduction of cutting-edge technology, recent events are likely to make regulators and governments rethink their positions. Despite criticism from foreign governments, the Chinese authorities' approach has proven invaluable in avoiding the weekend IT chaos, the cost of which is still being counted!

 

Which countries will be next to follow China's lead?

Back to News