20 Jul 2024

Global tech crash opened like a Hollywood disaster film. So how does it end?

2:06 pm on 20 July 2024

By Ange Lavoipierre, ABC national technology reporter

Millions of computers around the world became unusable and unable to be rebooted, showing the "Blue Screen of Death" after a CrowdStrike issue.

Millions of computers around the world became unusable and unable to be rebooted, showing the "Blue Screen of Death" after a CrowdStrike issue. Photo: CC BY 4.0 / QueenBarenziah

Analysis - Friday afternoon felt a lot like the 12-minute mark in a disaster movie.

Choked airports, crashed payment systems, news anchors improvising, and the sudden ubiquity of Microsoft's now famous blue screen of death, with its strangely ominous sad face.

The difference of course is that in the movie, there's a villain pulling the strings - a hostile foreign power, a money-hungry cyber gang, or even a fanatical cult, intent on bringing entire nations to their knees.

In the version we witnessed yesterday, the culprit was in some ways more dangerous; it was our own systems.

Cyber security experts all over the world are still scrambling to understand what caused the largest outage in history.

It may be weeks or even months before we have the full picture, but what's certain is that two separate systems - Microsoft's cloud service, Azure, and a software update from cyber security company CrowdStrike - malfunctioned on the same day.

CrowdStrike has since apologised and taken a large measure of responsibility, saying a software bug in one of its updates triggered the problems for Microsoft too.

Both are thoroughly woven into the fabric of the world's digital ecosystem.

Auterive, France, 2024-07-19 . Logo of the American cybersecurity software company CrowdStrike, whose faulty security update caused a worldwide blackout affecting business PCs running Microsoft s Windows operating system. Numerous companies were impacted, touching many sectors of the economy using Microsoft applications and software, and affecting many international companies, with repercussions on air and rail transport traffic, hospitals and the various stock exchanges in many countries, causing huge financial damage. Photography by Sebastien Lapeyrere.
Auterive, France, 2024-07-19 . Logo de la societe americaine de logiciel de cybersecurite CrowdStrike, dont une mise a jour de securite defectueuse a entraine une panne informatique mondiale touchant les ordinateurs PC professionnel fonctionnant sur le systeme d exploitation windows de Microsoft. De nombreuses entreprises on ete impacte touchant de nombreux secteurs economique utilisant les applications et logiciels Microsoft impactant de nombreuses...

CrowdStrike are at the centre of a global outage on Friday. Photo: SEBASTIEN LAPEYRERE / AFP

CrowdStrike has an almost 18 percent share of the global market for anti-virus protection, while Microsoft's Azure enjoys a 25 percent share of that cloud services market.

Felling two giants like that had a catastrophic effect, and the resemblance to the long-running nightmares of governments and movie fans alike was uncanny.

As the crisis was unfolding, UNSW's sober-minded and well-respected cyber security expert, Professor Richard Buckland, named it as such on national TV.

"It is playing out how an attack would play out," he told the ABC.

"We could be getting a taste now, even if it is just a dress rehearsal for what a cyber warfare or cyber terror attack would look like."

Read more on the global CrowdStrike outage

All the world's a stage, but are the players ready?

If yesterday was an inadvertent dress rehearsal for anything more sinister that may come down the line, the obvious question is: how did we go?

Using Hollywood as a benchmark, not appallingly. Flights were cancelled, but none dropped from the sky, and at the time of writing, not a single government has fallen.

Passengers wait for their flights at the Cancun airport in Quintana Roo state, Mexico on 19 July, 2024.

Airports across the world were forced to ground planes. Photo: AFP/ELIZABETH RUIZ

But life doesn't always imitate art.

And cyber security experts are emerging from the past 24 hours more worried, not less.

"The key to resilience is not in predicting the future, but in being prepared to adapt," Shane Ripley, chief information security officer at cyber security firm Recorded Future said.

"Yesterday was a clear indication that the collective 'we' is certainly not ready to adapt".

On top of that, we may have sleepwalked into what Dr Ripley calls a "shadow risk" as great as those that dominate our nightmares and screenplays.

That risk, he argued, is the over-reliance of the world's critical systems on a shrinking pool of service providers.

Put simply, there are too many of us using too few of the same tech companies - all in the name of cost-saving and convenience.

"There is a cost to that convenience and we all paid that yesterday," Dr Ripley said.

Many in the cyber security field, including Professor Buckland, are now questioning whether it's even been a wise trade.

"It gives us all of the benefits of using this great software from [these] companies but it is a risk," Professor Buckland said.

"With airlines using it, banks using it, we do have to think: what other risks are we accepting as well as the benefits?"

If we want to stop short of the 13th minute in every single disaster film, we might have to change.

"Better legislation and guidance is needed … the smallest deed is better than the greatest intention," Dr Ripley said.

"We need action, not ideas, to stop this re-occurring."

- ABC

Get the RNZ app

for ad-free news and current affairs