The IT outage on July 19 happened when a CrowdStrike software update triggered a logic error. This led to a system crash and caused the ‘blue screen of death’ that many saw on their affected devices.
CrowdStrike later said that a sensor configuration update for Microsoft Windows systems that went wrong was the cause of the havoc.
The logic error has since been corrected and systems are returning to normal around the world, said CrowdStrike in a release covering the technical details of the outage.
However, in India, the impact was less severe, as clients use diverse solutions and products.
IT leaders have given their statements about the event.
Manish Chasta, Co-Founder and CTO, Eventus Security said, "Large-scale outages like this one are rare, making them prime opportunities for attackers to observe how we operate under pressure. They scrutinise everything, from our reaction times to our communication tactics and recovery strategies, seeking out potential vulnerabilities. The fear of overreacting can cause organisations to delay essential updates, inadvertently creating further openings for malicious actors."
He continued, "By closely examining our response, adversaries can identify weak points in our defenses and exploit them. It is crucial that we not only address the immediate issue but also strengthen our overall cybersecurity posture to prevent future incidents."
"This incident highlights the critical role that large tech companies play in our national cybersecurity landscape. It's essential that we learn from this outage. Our adversaries are paying close attention to how we respond, gathering valuable insights that could be used in future attacks," he concluded.
Manoj Ajgaonkar, Partner, Digital, Trust and Transformation, Forvis Mazars in India said, "The recent global outage affecting millions of Microsoft Windows users, resulting in the 'Blue Screen of Death' error, poses significant operational challenges and heightens cybersecurity risks by exposing systems to exploitation. It is important to understand the critical nature of these disruptions and their impact on businesses. To safeguard our clients' interests and ensure resilience, it is crucial to address these issues proactively with robust backup systems, automated rollback mechanisms, rigorous testing of updates, and comprehensive business continuity plans. During such outages, systems are more vulnerable to cybersecurity threats, leading to potential data breaches and unauthorised access. As suggested by OEM, the current issue involves booting Windows into Safe Mode, deleting a specific file in the CrowdStrike directory, and rebooting the system. While time-consuming, it restores system stability. At Forvis Mazars, we are committed to helping our clients navigate these challenges by implementing advanced cybersecurity measures, conducting regular security audits, and providing client education to keep their operations secure and resilient amidst digital disruptions."
Amitansu Satpahy, Founder, BPE said, "Microsoft’s software glitch wreaked havoc on airline operations, delaying everything in sight. Amidst the chaos, numerous international travellers arrived, fashionably late, for the event, thanks to their delayed flights. They joked that Indians were to blame, given that Indians handle all IT worldwide. However, Indian tech geeks also worked hard to set things right."
Veeraswamy Meka, CEO, Shrilakshmi Innovations reminded, "On Microsoft global outage, Dr Sanjay Bahl, DG, Indian Computer Emergency Response Team says, 'It is a technical glitch. Because if you look at cybersecurity it consists of three things, confidentiality, integrity and availability. It has affected the availability aspect. So it has not affected anything other than availability. Its impact in India was much less as compared to the Western countries. And the reason is that it has to be purchased separately and not many people have bought it as a tool to protect themselves. There are other competing products available as well and people use those products instead of using only one product from CrowdStrike.'"
The incident shows that it is imperative for the IT industry to offer diverse products and solutions: over-dependence on a single product or solution not only hands its vendor a monopoly, but can also wreak havoc if something goes wrong with that product or solution.