CrowdStrike outage – efficiency over resilience?

1 min read

Last week’s global tech outage caused by a software update by cybersecurity firm CrowdStrike affected nearly 8.5 million devices, according to figures supplied by Microsoft.

Credit: Robert - adobe.stock.com

The software triggered systems problems that impacted airlines, railways, retailers and broadcasters and left many customers unable to access a variety of services.

While that figure appears to be a ‘big’ number in fact the outage affected only accounted for 1 per cent of Microsoft devices and thankfully, rather than a cyber-attack, it appears to have been the product of human error.

CrowdStrike’s software update conflicted with Microsoft’s Windows operating system, and consequently rendered many devices inoperable. But while 99 per cent of devices were unaffected, almost every large organisation in the world uses Microsoft Windows – it dominates the corporate market.

Fixing the problem is likely to be tedious but is eminently doable. But what this outage showed was the impact a single error by a single tech company can cause and that certainly raises worries as to what a determined adversary could do.

Have we put too much of our focus on efficiency over resilience and could CrowdStrike’s mistake trigger a fundamental reappraisal of our networked world?

Microsoft Windows dominates corporate computing and has been described as a monoculture and as we saw last week that’s bad in terms of resilience If anything goes wrong. It also showed us just how fragile our networked world has become.