Worldwide IT Outage: Rethinking Resiliency

If you’ve been following today’s news, you’ll be aware of the massive IT outage worldwide which has grounded flights, forced some broadcasters off air and hit services from banking to healthcare.

An update to a product from the global cybersecurity firm CrowdStrike seems to be the catalyst, impacting CrowdStrike customers using Microsoft’s Windows Operating System. Anybody reliant on organisations using CrowdStrike is therefore impacted. The issue is worldwide, leaving many users unable to start or reboot their systems, and disrupting banking payments. This morning, the London Stock Exchange was unable to process trades, and reports indicate that airline staff globally are resorting to hand-writing boarding passes for passengers.

CrowdStrike CEO George Kurtz announced on social media platform X that the company is “actively working with customers impacted by a defect found in a single content update for Windows hosts” and that a fix is being deployed.

CrowdStrike reported that its “Falcon Sensor” software was causing Microsoft Windows to crash and display a blue screen, informally known as the “Blue Screen of Death.” The company also shared a manual workaround to address the issue.

Microsoft has stated that the underlying cause for the outage has been fixed, but the residual impact of cybersecurity outages continues to affect some customers. Full resolution of the issues for those affected may take a while as it’s understood every affected computer has to be rebooted into ‘safe mode’ and a minor change made, and this cannot be undertaken remotely.

Re-thinking Resiliency

The CrowdStrike issue has highlighted our total dependence on technology. The problem has spanned across multiple industries and sectors, marking an unprecedented event in its scale. It’s clear that it’s time to rethink resiliency.

Whether your business was directly affected by this issue or your personal travel plans were disrupted, now is the time to reconsider your approach. What are you taking for granted? It’s been standard industry practice to push out minor revisions to “anti-virus” products immediately, without corporate testing, to protect against new attacks “in the wild.” This incident calls for a change in that approach, beyond just addressing the immediate fallout.

When did your organisation last have an independent cyber resiliency review? Is your cyber hygiene as robust as you believe? Even if it is in good shape, what risks are involved? What change controls do you have in place? What third-party vetting do you conduct, and are those processes handled by sufficiently skilled and qualified staff?

Can AJC assist you with these assessments to minimise the impact of the next rogue release? If you think we can help, please get in touch.

Image accreditation: Rocker Sta (2018) from Unsplash.com. Last accessed on 19th July 2024. Available at: https://unsplash.com/photos/gray-airplane-on-parking-RSYBi_1fhfM