The CrowdStrike Outage Shows How Vulnerable We Have Become

The damage has yet to be quantified, but estimates run to the billions.

August 21, 2024
crowdstrike
Passengers wait at Milwaukee Mitchell International Airport after airlines grounded flights worldwide due to a tech outage caused by an update to CrowdStrike’s “Falcon Sensor” software. The glitch crashed Microsoft Windows systems around the world on July 19, 2024. (Jennah Moon/REUTERS)

You had probably never heard of CrowdStrike before July 19, when the software glitched, flooding the world with blue screens of death that threatened to stop the globe from turning. Starting with a faulty security update in Australia, the wave spread around the planet, grounding planes, freezing banking services and preventing medical operations. It was an unprecedented global outage of vital information technology (IT) infrastructure triggered by a single company having a bad tech day. But it has underlined the risks we run in our rush to incorporate technology into every corner of modern life.

The damage caused by the CrowdStrike incident is yet to be quantified, though estimates run to the billions. Undoubtedly, the company will be facing lawsuits all over the world as those affected seek someone to blame. But aside from the liability question, the global IT outage highlights the fragility of our tech-optimized society, particularly when so much of the tech we rely on is concentrated in the hands of a small number of mega corporations. It was CrowdStrike’s connection to Microsoft’s systems that gave it the global reach and colossal impact through the Windows systems that dominate both public and private sector software infrastructure.

And it is not only an IT glitch that could leave humanity in the dark. Bad actors, poor maintenance, energy shortages, droughts or lack of funds could all wreak havoc with assistance we rely on.

Hospitals have long been the target of malicious actors. This year, a cyberattack on hospitals in London in the United Kingdom caused 1,130 planned operations and 2,190 outpatient appointments to be postponed. For the very real people affected, the attack could have life-changing consequences.

Humanity is not the only Achilles heel of our tech dependency. We commit our lives to the cloud, as if it were some magical, ethereal, untouchable space. In reality, we are storing our digital lives in environmentally unsustainable data centres that are both vulnerable to and causative of elemental risks.

In 2021, OVHcloud, Europe’s largest cloud-hosting provider and the third largest in the world, saw two massive data centres destroyed by fire overnight, with two more shut down temporarily to prevent further damage. But the impact went far beyond the physical fire in Strasbourg, France; at the incident’s height, 3.6 million websites were down. Cryptocurrency and encryption services, news services and government websites were all knocked out due to an electrical malfunction.

Perhaps even more concerning, much of the data was, quite simply, unrecoverable. The question then arises: Do we need the data, and do we need the data centres, on this scale? And if we do, how do we protect them? The collection of so much data in one location, with backup stored in the same place, ensured total destruction of digital records. As big tech rushes to build more and more data centres to meet the massive needs of the generative AI boom, this kind of risk is only exacerbated in places where thirsty tech is leaving people and the planet parched. Our reliance on big tech is turning our planet into a tinderbox.

And in a modern-day twist on book burning, last year, the British Library, the repository of centuries of knowledge, was the victim of a ransomware attack that took its catalogue offline for months and exposed untold amounts of sensitive data. Shelves full of ancient and modern books stored carefully in temperature-controlled environments could not be read. When technology, billed as improving access to information, failed, human knowledge was trapped behind invisible bars. We need to prepare and plan for analogue backup for when the systems inevitably fail us.

To plan for a sustainable human future, we must be prepared to step away from the technology. Just as research has shown that reliance on Global Positioning System devices negatively impacts our ability to navigate the world on our own, a recent study seems to show that reliance on generative AI may improve students’ scores when they use the tech but leave them worse off in the aftermath. Unchecked dependency on technology in the hands of a few may leave us, quite literally, unable to find our way, if and when the lights go out. The CrowdStrike global IT outage should give us pause to ask some basic questions that are vital for our future: What do we really need technology for? How do we protect the infrastructure we need? And how do we make sure we can still carry on without it?

We cannot afford to ignore the risks of dependence on technology in our hopeful haste to embrace the positives. When we look to the future, we have to be ready to see clearly, even when the lights go out.

This piece first appeared in Tech Policy Press.

The opinions expressed in this article/multimedia are those of the author(s) and do not necessarily reflect the views of CIGI or its Board of Directors.

About the Author

Susie Alegre is a CIGI senior fellow and an international human rights lawyer.