World wide IT dropout

*Glammagran, you were correct - this was not a malicious act - and I was wrong to automatically imagine the worst. Cloudstrike has changed their roll-out procedures now so they will time-stagger software updates instead of everyone at once. It was just poor planning and not a cyberterrorrism act.

This just shows how foolish we would be to go to a cashless society.

I get the impression the tide has turned on this.

This just shows how foolish we would be to go to a cashless society.

I still keep hard copy records for every transaction in my business - I am old fashioned like that. At least I know who has bought what and where I have to send it. Even if the posta service ceases to operate because their computers have gone down ....

It may also be to do with the EU's stronger data protection?

Urmstongran

Microsoft blames EU rules for allowing world’s biggest IT outage to happen.

European Commission deal prevented software giant from making security changes that would have blocked CrowdStrike update, claims tech giant.

I never thought I would defend the eu but I have to in this case.
The ruling was tied up with Microsoft having an unfair advantage over other companies, which they do.

Thanks NotSpaghetti.

McAfee ePO has 22% don't know about all the others. Would expect Microsoft to have a masdive share tbh.

Have just googled this Urmstongran

Discovered SentinelOne has10%,
Duo Security 8%

Not sure who other competitors are..

Microsoft blames EU rules for allowing world’s biggest IT outage to happen.

European Commission deal prevented software giant from making security changes that would have blocked CrowdStrike update, claims tech giant.

A quarter of the world market then. Some business!

Just checked. They have 24% of the market.

8.5 million devices worldwide isn't really that many if you think about it.

The problem arose because of who was using them.

My son manages systems for a number of companies and a defence contract and didn't have a single one go down as none of them use Crowdstrike - but his friend had one contract of 6,000 hotels go down!

It was easy to reset them but had to be done individually I believe.

Also, I'm not sure they pushed a broken software update? Unless you just meant implemented one with flaws?

CrowdStrike pushed a broken software update, which forced Windows computers into an unusable state. The incident is estimated to have delayed over 5,000 flights worldwide, costing the economy at least $1 billion.

As CrowdStrike is one of the biggest cybersecurity firms in the world, the outage touched about 8.5 million Windows devices worldwide, forcing Windows computers into the dreaded “blue screen of death.” The company is still dealing with the impact of the bugged update, which has impacted many critical devices and servers that are hard for engineers to fix.

How can a computer crash cost the economy so much money? If you want an answer, all you have to do is look to the airline industry — the outage disrupted the computers that airlines use to schedule and track flights, delaying tens of thousands of flights and canceling over 10,000 between Friday and Sunday. Thousands of passengers were stranded at airports, and airlines are still struggling to get their services up and running.

The world we live in now is dependent on technology there often is no paper backup at all, this was an ordinary update that caused the problem.
Critical systems should be isolated from the internet we all use every day, think what chaos would be caused if a deliberate act put data centers out of action for a long period.

Maybe mae13 but luckily not "life and death" - and it will go through today or Monday, surely?

🤞 for you.

Watching the very lengthy and nail-biting process of buying property fall literally at the last fence because the transfer of funds on THAT Friday could not go through due to "circumstances beyond our control". Recipe for a terminal nervous breakdown, surely......

There would be an awful lot of compensation seeing that is was a worldwide event. Hope no one was badly affected as regards medical procedures and hospital admissions is all.

Crowdstrike will have contracts with the companies who use their services directly.

The people with cancelled flights have different contracts with their carrier or travel agent. They don't have contracts with Crowdstrike - I can't see why Crowdstrike would compensate them!

It also supposes the question of whether Crowdstrike should pay compensation to ll those who suffered financial loss through cancelled flights etc

Joe Tidy
Cyber correspondent
There are suggestions, from the wording of the Crowdstrike CEO, that this dodgy overnight update was supposed to be small.
A "content update" is how it was described. So, it wasn’t a major refresh of the cyber security software. It could have been something as innocuous as the changing of a font or logo on the software design.
That would potentially explain why the software wasn’t as rigorously checked in the same way a major update would have been. And how it sailed through to all computers without being blocked.
But it also poses huge questions to the cyber security company: how could a small update do so much damage?

keepingquiet

NotSpaghetti

I suppose we are all "using technology" keepingquiet

My point- no outage here!

Domestic systems aren't affected. It's those are networked that are affected apparently.

However, outage can be caused by direct actions of humans. Some years ago a stupid man, up a tree with a chainsaw managed to cut an overhead cable. An area with a radius of around 28km was without power for nearly 2 days. Supermarkets could only take cheques; Bank ATMs and petrol pumps didn't work nor did our home computers. This was late afternoon one Friday and was resolved late Sunday evening.

News from The Times says, "The US cybersecurity firm CrowdStrike’s latest software update caused Windows computers across the world to shut down,"

If it were malicious, they wouldn't say until weeks after everything had been fixed. Yes, I am I.T. as well.

Macadia

MaizieD

I've been feeling for a long while now that our complete dependence on IT is worrying. This outage doesn't inspire confidence.
What if it had been malicious?

It is always malicious. I truly believe that these sorts of outages ate just tests for the "real thing". That's why it's always important to have an emergency kit and in that kit, keep some cash money, too. You will need it if digital goes down for a lengthy time.

There is no evidence this outage is malicious.

As a software developer, I made mistakes in my working life (not on this scale!!) and had to reinstall backups. I certainly wasn’t acting maliciously.

MaizieD

I've been feeling for a long while now that our complete dependence on IT is worrying. This outage doesn't inspire confidence.
What if it had been malicious?

It is always malicious. I truly believe that these sorts of outages ate just tests for the "real thing". That's why it's always important to have an emergency kit and in that kit, keep some cash money, too. You will need it if digital goes down for a lengthy time.

GPs have no access to patients' records, only first line, name and number.
luckily my friend managed to see a GP; wanted the woman she's seen before, tricky situation, but only option was new young male GP, and had to explain her whole situation to him, as no patient history to read.
which is quite triggering in itself.
but, he listened and perhaps because she had to, she managed to tell it like it is, he could see she was affected.
he signed her off for 6 weeks.
which is a relief.