‘Wake-up call’: CrowdStrike outage highlights rising 'single point of failure' risk
It is increasingly common for millions of computers to be sharing the same software. That can put global infrastructure at risk.
Earlier this year a Microsoft engineer named Andres Freund decided to kill time on an international flight by reviewing some of the open-source database code he usually works on. By chance, he stumbled upon a few suspicious error messages.
That discovery led, weeks later, to Freund discovering a years-long effort by a hacker or hackers to build a backdoor into software widely used on Linux, an open-source operating system. If they succeeded, they would have had masterkey access to millions of systems around the world.
It could have been a catastrophe. Yet though the incredible near-miss was a scandal within the IT world, it failed to alarm the general public. Friday’s outages, in which buggy cybersecurity software pushed out by CrowdStrike brought the world’s tech infrastructure to its knees, is a reminder that single points of failure exist, and they pose a serious risk to the global economy.
“This is the wake-up call moment,” said Katherine Mansted, executive director of CyberCX, an Australian cybersecurity firm. “This is a collective action challenge. Individual companies, no matter how big they are, won’t solve it. Individual governments won’t solve it.”
