Lauren Weinstein /
npub1lq6…nf7e
2024-07-23 13:48:50

This is the script of my national radio report from yesterday regarding CrowdStrike. As always, there may have been some very minor wording changes as I presented this report live.

- - -

So let's start with the bottom line. About 8.3 to 8.5 million or so Windows systems crashed hard around the world due to this event. They ended up in what we call BSOD which is Blue Screen of Death, and needed manual intervention to fix and successfully reboot. That involved doing things most computer users these days don't know how to do like booting Windows into safe mode and using the command line and so on.

Now eight and a half million systems crashed isn't actually an enormous number relatively in the total universe of Microsoft Windows systems. But these particular computers were mostly in important environments like airports and hospitals and used for transaction processing, information displays, and a wide variety of other operations.

So thousands of airline flights ended up being cancelled, some hospitals were tied up in knots, a long, long list. Just a mess all around, and likely massive financial losses as you'd expect.

Now the root cause of all this ironically was cybersecurity software from a firm called CrowdStrike that provides services that many firms and organizations subscribe to that is designed to PREVENT cyberattacks that could, for example, result in your systems crashing.

And this system runs on Windows computers and is frequently automatically updated with the latest attack prevention information, in some ways rather like consumer antivirus software you probably are already familiar with. But, to make a long story shorter, they sent out a bad update, and the update crashed these systems.

And we don't know all the technical details at this point, but even without them there are some important lessons here, some of which we've discussed in the past. And among these are the risks that our connected society runs when a failure of a widely used software system can disable vast numbers of computers around the country and the world. So many systems and products are being automatically updated now to fix newly found bugs, or to add features, or as in this case, to try to prevent attacks on the computers.

But irrespective of the details in this instance, security experts are asking some pretty obvious questions. Like how did this bad update get released so widely in the first place? One would normally expect rigorous internal testing of such updates on a pretty wide range of configurations before the update was released for public dissemination. And it's standard good practice to do gradual rollouts so that if something does go wrong early on, you can immediately stop sending to more systems and drastically limit the extent of the problems.

And again we don't know what CrowdStrike's protocols were in this case but the fact that some eight and a half million computers in so many locations all crashed over such a short period of time suggests something significant probably does need changing in their protocols! And we'll likely learn more because it's widely expected that there will be congressional investigations and hearings into this event because its impacts are so serious and affected so many Windows computers doing very important tasks.

In the meantime, the bad news is that there's no way to guarantee that this couldn't happen again, even to a larger extent, with other kinds of updates to our computers that are everywhere. So maybe for now the best advice if you're going to run Windows is to make sure that you DO know how to manage some lower level aspects of your computers like booting into safe mode and using the command line and assorted other fun stuff that usually only we techies worry about. Because someday you may suddenly find yourself facing a mysterious blue screen of death on your own Windows computer, and getting your system back up quickly may all be completely up to you.

- - -

L
Author Public Key
npub1lq68asmanu3etxax9hvrj8au4h585lq8zgzujmufqsewtsz85mkskknf7e