Catastrophic computer failures caused by a single company’s software update have once again highlighted the dangers of global technological reliance on a handful of companies, experts warned on Friday.
A flawed update pushed out by little-known security firm CrowdStrike brought airlines, TV stations and other aspects of daily life to a standstill.
This disruption affected companies or individuals who use CrowdStrike on the Microsoft Windows platform: when they applied the update, the incompatible software crashed computers and rendered them in a frozen state, known as the “Blue Screen of Death”.
“CrowdStrike is a household name today, but not in a good way, and it will take time to establish itself,” said Dan Ives of Wedbush Securities.
The failure fueled discussion about the power of internet giants over an increasingly digital world economy, with much of the activity now taking place in the computing “cloud” or on a few apps or platforms.
Just a Taste
When those platforms have flaws — or are deliberately attacked — it can feel like the world has collapsed.
In recent months, entire healthcare systems and industries have come to a standstill when hackers infiltrated their systems, leaving consumers frustrated and companies in losses.
“I think we’re already experiencing some of the potential impacts of real reliance on a handful of cloud companies and other key systems by various sectors of the financial sector and the economy,” Rohit Chopra, director of the US Consumer Financial Protection Bureau, told CNBC.
“There are a handful of large cloud companies that now have a lot of influence in the economy.”
The world has seen a huge shift towards cloud computing, where companies use servers offered by big tech giants instead of building their own infrastructure for their computing needs.
Amazon is the global leader through its AWS company, followed by Microsoft’s Azure and Google Cloud.
The outage on Friday was caused by a faulty software update delivered to Microsoft Windows users by CrowdStrike, which specializes in cybersecurity for cloud-based companies.
“We deeply regret the impact this has had on customers, travelers and anyone else who was affected,” CrowdStrike CEO Kurtz said in an interview on NBC’s “Today” show.
Microsoft blamed CrowdStrike for the problem, but industry insiders warned the problem stemmed from entrusting the digital world to just a few major companies.
“This will continue to cause problems for systems or businesses that are completely dependent on Microsoft – it’s an issue of concentrated risk,” Michael Daniel, a former White House cybersecurity coordinator and current head of the Cyber Threat Alliance, told AFP.
“How do you balance the benefits of having everyone on the same operating system and the risks that come with that?”
Kelly Guenther, senior manager of cyber threat research at Critical Start, warned that the shift to bigger players magnifies the impact of any system failure or vulnerability.
He said a mistake like the one that occurred on Friday by CrowdStrike could threaten the smooth functioning of society around the world.
No contingency plan
Andrius Minkevicius, co-founder of cybersecurity company CyberUpgrade, said businesses must fight the complacency associated with outsourcing technology to large vendors.
“Today, we are seeing examples of those who relied on vendor-provided cybersecurity without additional contingency plans and are now suffering reputational and financial damage,” he said.
Experts have warned that the incident could lead to investigations from regulators and authorities.
“CrowdStrike is probably going to have to bring in some outside people to investigate how this happened,” said Daniels, of the Cyber Threat Alliance.
(This story has not been edited by NDTV staff and is auto-generated from a syndicated feed.)
