Ask Trish: CrowdStrike Outage — What Happened?

“There was this huge outage last week and I still don’t really understand what happened?”

Jul 30, 2024

By Trisha Prabhu

Hi there, and welcome back to another week of Ask Trish! I hope you’re all well and having a great end to July. (Can you believe we’re just a few days away from August? Where did this past month go?!)

Thank you so much to this week’s question-er for the fantastic, very topical question. Indeed, as I’m sure nearly all of you are aware, earlier this month, on Friday, July 19th (unrelated, but how amazing would it have been if it was Friday the 13th?) folks around the world suddenly found themselves stranded in airports, unable to travel; staring at the “blue screen of death” that you never want to see on a computer; and unable to access many important services, including health services, which were suddenly not operational (for instance, 12 major hospitals and health systems in the U.S. reported that they had been affected). The only explanation? There had been a “global IT outage” that had something to do with a company that most folks had never heard of…CrowdStrike. In the days that followed, we learned a lot more about what, exactly, had happened, but a lot of people (understandably) remain confused about what went down. Of course, that’s where I come in! In this week’s post, I’ll i) give y’all an easy-to-understand, non-jargony run-down of what happened and why the outage was so consequential and ii) briefly explore the important questions that this incident raises. 

Sound like a plan? Let’s dive in:

Okay, so first and foremost: what exactly happened here? Well, first, it’s helpful to know a little bit about CrowdStrike. CrowdStrike is a cybersecurity firm, meaning that it (ironically) aims to help its customers prevent digital security breaches. Its platform helps provide identity threat detection and cyberattack response services, among other offerings. CrowdStrike has (historically, at least) been very good at what it does, which is why it works with very large, prominent customers, including many Fortune 500 companies (think: Delta Air Lines), large hospital systems, and even government institutions. Now that we’ve set the stage, we can return to the day of the outage; earlier in the day, CrowdStrike pushed out a routine software update. (You should be familiar with software updates – just think of the iOS/Android updates that Apple/Google push out to you all the time.) Unfortunately, that software update had an unintended bug…a bug that accidentally crashed customers’ Windows systems. Put more simply: any CrowdStrike customers using computers running Microsoft Windows were suddenly faced with the dreaded “blue screen of death.” If CrowdStrike were a smaller firm, serving smaller customers, or customers in a certain region, the disruption might have been minimal, or at least, relatively contained…but instead, because CrowdStrike serves huge, important companies, the impact was enormous. (I know…major yikes.)

At first, there was panic that it was a cyberattack – but as CrowdStrike quickly explained, it was in fact a mistake of the company’s own making: that bug in the software update! (Funnily enough, the intended purpose of the update was to help customers detect emerging threats and gather data on novel threat techniques. Suffice it to say, that’s not what happened!) They immediately got to work trying to fix the issue…but of course, that took time. In the meantime, critical services (including flights, medical procedures, etc.) were non-operational. Interestingly enough, the outage technically only affected 8.5 million devices (which sounds like a lot, but that’s less than 1% of all Windows devices). But again, because those were devices being used by important companies and institutions providing important services, millions of people the world over felt the effects of the outage. The fall-out was tremendous: some calculations put the total financial loss of the outage at $5.4 billion (yes, billion!).

So now you know what happened, in a nutshell. Maybe you’re thinking: gosh, I guess the moral of the story is that CrowdStrike ought to be more careful with their software updates! And that’s definitely true; nice work! But this incident also raises some bigger questions. Like: is it such a good idea to have large companies in so many crucial sectors (airlines, banking, energy, government, healthcare, to name just a few) rely on just one cybersecurity firm? Why aren’t there more cybersecurity firms in the market? And could greater market diversity have helped mitigate the impact of the outage? If yes, then maybe we ought to look at creating greater competition in the tech space, so that society is not forced to rely on just one or two actors (and hope that they do their job right). The incident might also make you wonder: this was an accident, but what if it had been a cyberattack? Are we prepared for that? Just based on the response to the outage, I’m going to say that the answer (at this moment) is no. And that’s a frightening thought. Indeed, the incident highlights how much work we have ahead of us to ensure that our digital infrastructure is secure (and how connectedness – as amazing as it is – can also be a vulnerability).

Hopefully, that gave you a clear, concise overview of this important moment in IT history. Let’s cross our fingers that it doesn’t happen again! Maybe you’ve now got a really good handle on this topic (in which case, I’m so glad to hear it!), or maybe you’ve still got questions. If the latter, I’m genuinely glad to hear that, too, because I’d love to help. Go ahead – take 2 minutes, and share whatever internet/tech-related issues you’re wondering about here. I can’t wait to hear what’s on your mind! Thank you a ton in advance for contributing to the #AskTrish community.

Have a great week,

Trish
