Elements of the global IT outage, which grounded planes and affected services from banking to health care, have already happened before. Until additional safeguards are built into networks and organizations put better backup plans in place, it will happen again.
CrowdStrike
Friday’s outage prompted an update that US cyber security firm CrowdStrike sent to its customers early Friday morning. There was an incompatibility with Microsoft’s Windows operating system, rendering devices worldwide unusable.
CrowdStrike has one of the largest shares of the highly competitive cyber security market providing such tools. To has led some industry analysts to question whether control of such mission-critical software should remain in the hands of just a few companies.
The outage also raised concerns among experts that many organizations are not well prepared to implement contingency plans when a key point, such as an IT system or a piece of software within it, stops working.
“It’s easy to jump to the idea that this is catastrophic and therefore suggest that there must be a more diverse market and in an ideal world, we would have that,” said Ciaran Martin, former head of the UK’s National Cyber Security Center (NCSC).
“In fact, we are good at managing the safety aspects of technology when it comes to cars, trains, planes and machinery. What we are bad at is service delivery.”
“Look at what happened to the London health system a few weeks ago – they were hacked. This led to a lot of canceled operations, which is physically dangerous.” He referred to the recent ransomware incidents that hit the UK’s National Health Service (NHS).
Microsoft and CrowdStrike own large parts of the market
Organizations need to look at their IT systems, Martin said. They must ensure sufficient security and backup systems to remain operational in the event of an outage.
The outage on Friday was due to a perfect storm considering that Microsoft and CrowdStrike own large parts of the market which relies on both of their products.
“I’m sure regulators around the world are looking at this. There is limited competition globally for operating systems and for major cybersecurity products such as those provided by CrowdStrike,” said Nigel Phair. He is a professor of cyber security at Monash University in Australia.
The outages on Friday hit airlines in particular. Many passengers who were trying to check in and board they relied on digital flight tickets. Some passengers posted photos on social media of handwritten tickets given to them by airline workers. Others could only fly if they had a printed ticket.
“I think it’s very important for organizations of all shapes and sizes to really look at their risk management. They have to take an all-hazards approach,” Phair said.
The interruption on Friday will not be the last time the world be pointed to the dependence on computers and IT products for the functioning of basic services. In about 14 years, the world will face a time-based problem similar to the Millennium Error called the “2038 Problem”.
The millennium bug, or “Y2K,” happened because early computers were saving memory space. They counted only the last two digits of the year. This meant that many systems they couldn’t tell the difference between 1900 and 2000, leading to critical errors.
Costs to mitigate the problem in the years before 2000 reached a global bill of hundreds of billions of dollars.
Problem 2038, which begins on January 19, 2038, is essentially the same problem
Many computers measure the passage of time by counting the seconds since midnight on January 1, 1970, known as the “Epoch”.
Those seconds are stored as a final sequence of zeros and ones, or “bits”. However, for many computers, the number of bits that can be stored reaches its maximum in 2038.
“Right now we have a situation where there is a huge global upheaval. We cannot cope administratively,” said Ciaran Martin, the former boss NCSC-a.
“We can handle the security aspects, but we can’t handle the service delivery when key networks go down.”
Source: Reuters
The post Without backup plans, global IT outages will happen again first appeared on PC Press.
Source: pcpress.rs
