Credit: Unsplash
When computer screens went blue worldwide last Friday, flights were grounded, hotel check-ins became impossible, and freight deliveries were brought to a standstill. Businesses resorted to paper and pen, as initial suspicions pointed to a cyberterrorist attack. The reality, however, was much more mundane: a botched software update from the cybersecurity company CrowdStrike.
“It was a content update that had catastrophic results,” said Nick Hyatt, director of threat intelligence at Blackpoint Cyber. The update affected CrowdStrike Falcon, a critical monitoring software, causing widespread disruption.
Eric O’Neill, a cybersecurity expert, noted that systems might take three to five days to fully recover. The outage highlights the need for incremental software updates and better quality control.
“Businesses need to view cybersecurity as an essential investment,” said Javad Abed, assistant professor at Johns Hopkins Carey Business School. “Building redundancy into systems is costly but necessary to prevent such failures.”
“The bigger picture is how fragile the world is; it’s not just a cyber or technical issue. There are a ton of different phenomena that can cause an outage, like solar flares that can take out our communications and electronics,” Avery said.
Ultimately, Friday’s meltdown wasn’t an indictment of CrowdStrike or Microsoft, but of how businesses view cybersecurity, said Javad Abed, assistant professor of information systems at Johns Hopkins Carey Business School. “Business owners need to stop viewing cybersecurity services as merely a cost and instead as an essential investment in their company’s future.”
Businesses should build redundancy into their systems to prevent a single point of failure from stopping operations. While costly, the expense of preventing such incidents is far less than the cost of the resulting downtime.
