What I learned from the ‘Microsoft global IT outage’

I woke up Friday to discover CrowdStrike — a cybersecurity vendor who aims to protect orgs from cyber attacks such as availability outages — created the largest IT outage ever, by pushing out a duff product update globally and breaking just under 9 million Windows PCs, which is basically the exact opposite of what businesses hire them to do.

Those PCs entered a ‘boot loop’, where they would blue screen of death on boot, making them essentially unusable without steps to repair (or being very lucky with manual reboot timing).

It was branded as and will forever be known as the Microsoft global IT outage, but it wasn’t a Microsoft outage.

By my count, it’s by far the biggest IT and cyber incident ever — much bigger than any reported numbers on NotPetya, WannaCry etc.

Shit happens when it comes to cybersecurity, as this post will get into. CrowdStrike aren’t the only company to do this, and they won’t be the last. They are, however, the first security vendor to crash so many systems so quickly.

To give CrowdStrike their credit, they quickly withdrew the update — in under half an hour, in fact (but by that point, much damage had already been done globally) and tried to take the lead on the situation. I think CrowdStrike overall reacted really well and, as I’ll touch on later, I hope they don’t blame one person.

I think the incident highlights a bunch of wider concerns.

But before we get into the fun stuff, enjoy this video of engineers fixing PCs:

https://medium.com/media/71389ade0644fae517833625855af95d/href

Media coverage largely sucked

When I just looked at my phone, the headlines were about an unfolding Microsoft global IT outage. My first thought, ransomware. So I logged in and started looking around at what was happening — I’m a CrowdStrike customer — and quickly realised two different, separate things had happened:

  • Microsoft Azure had an outage earlier in the day. This was resolved before I got up. Azure has frequent outages (don’t kill me, Microsoft) — this isn’t abnormal.
  • CrowdStrike had made a boo-boo and pushed out a channel update that had borked a decent percentage of customers.

The media connected these two events together and co

[…]

This article has been indexed from DoublePulsar – Medium
