In a modern technology-based world, reliable cybersecurity applications are a must-have. Recently, a major cybersecurity incident has shown how big of an impact technology has on us, knocking the world offline.
Background / Overview
After major cybersecurity company Crowdstrike sent out a flawed software update, billions of Microsoft computers were affected, with the infamous 'blue screen of doom' being displayed. Now known as the largest IT outage in history, it lasted several hours starting late Thursday night. After working closely to restore systems, a fix for the issue was deployed - but not before affecting millions worldwide.
Effects
Critical surgeries were postponed, emergency 911 call centers couldn't respond to emergencies, and banks were disrupted. One of the most noticeable impacts was the effect on air travel - with over 3,000 United States flights canceled and thousands more delayed. Airports became crowded, with long lines of annoyed passengers waiting to check-in. Multiple major airlines released public statements apologizing for the inconvenience. The outage also caused financial damage.
Prevention
This incident emphasizes how important software developers are to modern technology. Human error impacts society, costing millions to billions of dollars in damages. Crowdstrike, like many other cybersecurity companies, releases kernel driver updates to protect computers against risk. These updates are implemented by businesses as soon as possible, which is why so many organizations were affected by this error at once. However, this security architecture is unstable, inefficient, and ineffective - using up resources but failing to identify threats in time. Recently, cybersecurity companies have begun to switch to a different security architecture - Zero Trust Endpoint Architecture. This architecture uses isolation methods to provide protection, trusting no entity and isolating them all to restrict any possible threats. This limits the amount of updates necessary and prevents major outages. To prevent future outages, software developers that send out real-time updates should release quality products that have been tested and deployed in phases, or switch to Zero Trust Endpoint Architecture. With today's modern technology, let's hope that incidents like these don't repeat themselves in the future.
I'll leave you with two questions to think about:
- If one software security update error could cause this much chaos and catastrophe, how vulnerable are our systems?
- How can we utilize modern technology such as AI to prevent flawed software updates from even being deployed?
