[ NNSquad ] Script of my radio report yesterday regarding CrowdStrike

Lauren Weinstein

Jul 23, 2024, 9:54:12 AM
to nnsqua...@vortex.com

This is the script of my national radio report from yesterday regarding
CrowdStrike. As always, there may have been some very minor wording
changes as I presented this report live.

- - -

So let's start with the bottom line. About 8.3 to 8.5 million or so
Windows systems crashed hard around the world due to this event. They
ended up in what we call BSOD which is Blue Screen of Death, and
needed manual intervention to fix and successfully reboot. That
involved doing things most computer users these days don't know how to
do like booting Windows into safe mode and using the command line and
so on.

Now eight and a half million systems crashed isn't actually an enormous
number relatively in the total universe of Microsoft Windows systems.
But these particular computers were mostly in important environments
like airports and hospitals and used for transaction processing,
information displays, and a wide variety of other operations.

So thousands of airline flights ended up being cancelled, some
hospitals were tied up in knots, a long, long list. Just a mess all
around, and likely massive financial losses as you'd expect.

Now the root cause of all this ironically was cybersecurity software
from a firm called CrowdStrike that provides services that many firms
and organizations subscribe to that is designed to PREVENT
cyberattacks that could, for example, result in your systems crashing.

And this system runs on Windows computers and is frequently
automatically updated with the latest attack prevention information,
in some ways rather like consumer antivirus software you probably are
already familiar with. But, to make a long story shorter, they sent
out a bad update, and the update crashed these systems.

And we don't know all the technical details at this point, but even
without them there are some important lessons here, some of which
we've discussed in the past. And among these are the risks that our
connected society runs when a failure of a widely used software system
can disable vast numbers of computers around the country and the
world. So many systems and products are being automatically updated
now to fix newly found bugs, or to add features, or as in this case,
to try to prevent attacks on the computers.

But irrespective of the details in this instance, security experts are
asking some pretty obvious questions. Like how did this bad update get
released so widely in the first place? One would normally expect
rigorous internal testing of such updates on a pretty wide range of
configurations before the update was released for public
dissemination. And it's standard good practice to do gradual rollouts
so that if something does go wrong early on, you can immediately
stop sending to more systems and drastically limit the extent of the
problems.

And again we don't know what CrowdStrike's protocols were in this case
but the fact that some eight and a half million computers in so many
locations all crashed over such a short period of time suggests
something significant probably does need changing in their protocols!
And we'll likely learn more because it's widely expected that there
will be congressional investigations and hearings into this event
because its impacts are so serious and affected so many Windows
computers doing very important tasks.

In the meantime, the bad news is that there's no way to guarantee that
this couldn't happen again, even to a larger extent, with other kinds
of updates to our computers that are everywhere. So maybe for now the
best advice if you're going to run Windows is to make sure that you DO
know how to manage some lower level aspects of your computers like
booting into safe mode and using the command line and assorted other
fun stuff that usually only we techies worry about. Because someday
you may suddenly find yourself facing a mysterious blue screen of
death on your own Windows computer, and getting your system back up
quickly may all be completely up to you.

- - -

--Lauren--
Lauren Weinstein
lau...@vortex.com (https://www.vortex.com/lauren)
Lauren's Blog: https://lauren.vortex.com
Mastodon: https://mastodon.laurenweinstein.org/@lauren
Founder: Network Neutrality Squad: https://www.nnsquad.org
PRIVACY Forum: https://www.vortex.com/privacy-info
Co-Founder: People For Internet Responsibility
_______________________________________________
nnsquad mailing list
https://lists.nnsquad.org/mailman/listinfo/nnsquad