Why global tech meltdowns such as the CrowdStrike outage are the new normal?
Infomation & Communication Technology Show 2024-07-26T06:20:52.000+0000
China International Industry Fair is coming!Click the link to register:

https://www.ciif-expo.cn/ciifVisitor?registrationCode=ICTS-icts-en

Exhibition Date:September 24-28, 2024
Venue: NECC(Shanghai)

 

 

Last week's tech outage-the world's worst yet shocked many and exposed the underlying fragility of our digital networks, but for those working on the front lines of cybersecurity, it was merely a taste of things to come.

 

In the often-secretive world of network protection, where well-heeled clients are kept out of the media and details of hackings and ransoms paid are swept under the rug, Friday's "blue screen of death" meltdown was not entirely unexpected.

 

"These things are going to happen periodically and we're just going to have to be prepared for them in some way to recover as quickly and as smartly as we can," Jeffrey Dodson, a leading cybersecurity expert, says from Washington DC.

 

Security clients such as companies and governments face a dilemma, Mr Dodson says. They have to trust third-party vendors like CrowdStrike with the keys to the systems they protect, but after last Friday, they don't.

 

No backing out of cybersecurity death-grapple

 

微信图片_20240726141507

 So, what's the plan now?

 

The sight of blue error screens on supermarket self-check-out machines and roadside billboards opened the public's eyes to the internet's house of cards and the scale of the hidden security apparatus needed to protect its networks.

 

As online traffic resumed, the conversation turned to what it would take to prevent another big outage.

 

Some questioned the wisdom of effectively giving a third-party vendor, such as CrowdStrike, the keys to the core of an operating system, known as the "kernel". This allowed the Texas-based company to remotely and freely update the kernel.

 

Apart from the inherent risk of this arrangement, when the kernel failed after a defective update, as it did last Friday, it could only be replaced with manual access. Administrators had to attach a physical keyboard to each affected system, boot into safe mode, remove the defective CrowdStrike update, and then reboot.

 

Over the weekend, Microsoft released a recovery tool to speed up the process, although it may still take weeks to bring all affected sectors back online.

 

 
微信图片_20240726141519
Facebook Tweet Pinterest
WhatsApp us