Global Microsoft-CrowdStrike Outage Shows How Vulnerable We Are
Susie Alegre / Aug 15, 2024Susie Alegre is a senior fellow at the Centre for International Governance Innovation (CIGI) and an international human rights lawyer.
Many had probably never heard of CrowdStrike before July 19 when it flooded the world with blue screens of death. Starting with a faulty security update in Australia, the wave spread around the planet, grounding planes, freezing banking services, preventing medical operations and causing flight delays. It was an unprecedented global outage of vital IT infrastructure triggered by a single company having a bad tech day. But it has underlined the risks we run in our rush to incorporate technology into every corner of modern life.
The damage caused by the CrowdStrike incident is yet to be quantified, though estimates run to the billions. Undoubtedly the company will be facing lawsuits all over the world as those affected seek someone to blame. But aside from the liability question, the global IT outage highlights the fragility of our tech optimized society, particularly when so much of the tech we rely on is concentrated in the hands of a small number of mega corporations. It was CrowdStrike’s connection to Microsoft’s systems which gave it global reach and colossal impact through the Windows systems that dominate both public and private sector software infrastructure.
And it is not only an IT glitch that could leave humanity in the dark. Bad actors, poor maintenance, energy shortages, droughts, or lack of funds could all wreak havoc with the systems we rely on.
Hospitals have long been the target of malicious actors. This year, a cyberattack on hospitals in London in the UK caused 1,130 planned operations and 2,190 outpatient appointments to be postponed. For the very real people affected, this could have life changing consequences.
Human error is not the only Achilles heel of our tech dependency. We commit our lives to the cloud, as if it were some magical, ethereal, untouchable space. But in reality, we are storing our digital lives in environmentally unsustainable data centers that are both vulnerable to and causative of elemental risks.
In 2021, OVHCloud, Europe's largest cloud hosting provider and the third largest in the world, saw two massive data centers destroyed by fire overnight with two more shut down temporarily to prevent further damage. But the impact went far beyond the physical fire in Strasbourg, France – at its height, 3.6 million websites were down. Cryptocurrency and encryption services, news services, and government websites were all knocked out due to an electrical malfunction.
But perhaps even more concerning, much of the data was, quite simply, unrecoverable. The question then arises – do we need the data, and do we need the data centers on this scale? And if we do, how do we protect them? The collection of so much data in one location, with backups stored in the same place, ensured total destruction of digital records. As big tech rushes to build more and more data centers to meet the massive needs of the generative AI boom, this kind of risk is only exacerbated in places where thirsty tech is leaving people and planet parched. Our reliance on big tech is turning our planet into a tinderbox.
And in a modern-day twist on book burning, last year, the British Library, the repository of centuries of knowledge, was the victim of a ransomware attack which took its catalog offline for months and exposed untold amounts of sensitive data. Shelves full of ancient and modern books stored carefully in temperature-controlled environments could not be read. When technology, billed as improving access to information, failed, human knowledge was trapped behind invisible bars. We need to prepare and plan for analog backups for when the systems inevitably fail us.
To plan for a sustainable human future, we have to be prepared to step away from technology. Just as research has shown that reliance on GPS systems negatively impacts our ability to navigate the world on our own, a recent study seems to show that reliance on generative AI may improve students’ scores when they use the tech, but leave them worse off in the aftermath. Unchecked dependency on technology in the hands of a few may leave us, quite literally, unable to find our way if and when the lights go out. The CrowdStrike global IT outage should give us pause to ask some basic questions that are vital for our future – what do we really need technology for? How do we protect the infrastructure we need? And how do we make sure we can still carry on without it?
We cannot afford to ignore the risks of dependence on technology in our hopeful haste to embrace the positives. When we look to the future, we have to be ready to see clearly, even when the lights go out.