How One Software Patch Broke the World

On 19th June, a patch was released¹ to Crowdstrike's ‘Falcon platform,’ a cloud-based security product that provides broad protection to the devices on which it is installed. That patch led to a global outage across most affected systems, bringing much of the digital world to a halt. Read on to learn what happened, and why cyberwarfare is a crisis in waiting.

Crisis Watch | Commentary by Abhinav S Nambeesan

Research & Publications Division


IFPP Graphic | Crisis Watch: Cyber Attack

When people imagine a software outage on a global scale, they picture it being caused by a massive solar flare or a cyberattack, both things that experts have been warning about for many years, not by a mundane software bug. Yet this is exactly what happened on 19th July, and the bug was in a product designed to prevent a cyberattack from doing precisely this.


Crowdstrike is one of the largest cybersecurity companies in the world. Its products are used by corporations and government bodies across the globe, and it has served as a trusted investigator of past cyberattacks, such as the 2016 DNC email hack. It primarily operates as the cybersecurity partner for corporations running Windows systems, and regularly releases patches and updates for its software to protect the systems of its corporate clients.


On 19th June, another such patch was released¹ to its ‘Falcon platform,’ a cloud-based security product that provides broad protection to the devices on which it is installed. The patch updated one of the files that watch a Windows system for unusual behaviour and report it back to the main software: a file called Channel 291, which analyses the communication between Windows systems and various internal processes. The update was meant to make the software inspect certain communication channels that had been used in previous attacks.


However, a fault in the updated version of Channel 291 caused it to conflict with core Windows files, so systems that received the update within a certain timeframe crashed immediately on startup with a Blue Screen of Death (BSOD).


Because Crowdstrike works with corporate and public sector clients across the globe, the update caused computer systems to crash throughout the world, producing widespread disruption² across many sectors of the world economy. Airlines were hit hard: the three big US airlines, United, Delta, and American, were forced to cancel all flights until the issue was resolved. Passengers posted pictures online of hand-written boarding passes, because the computers that normally print them had crashed in the outage. While only a few Indian banks were affected, many banks elsewhere in the world were running Crowdstrike and experienced severe disruption. The medical sector in many countries, including the US, was also affected: unable to process patient records, hospitals had to pause admissions and operations until the issue was resolved. Other sectors, including transportation and the stock market, were affected as well.


The fix may take weeks to roll out in full, because each affected machine has to be manually restarted in a way that allows the faulty file to be deleted, and in the meantime trillions of dollars of damage can occur.


IFPP Graphic | Crisis Watch


The Deep Issues in the International System this Highlights


The fact that a single error by one company can cause this much global disruption has spooked researchers³, who have long been warning of the effects of a massive cyberattack. There are already several examples of cyberattacks attributed to hostile nations, such as the Colonial Pipeline hack in 2021, for which Russian hackers are suspected to be responsible, and various attacks by North Korean, Chinese, and Russian hackers on the US. Global warfare will certainly shift online as well, as can be seen in the ongoing Russia-Ukraine War⁴. Existing international law does not cover cyber warfare, so states and non-state actors can take advantage of that gap by inflicting trillions of dollars of damage without it resulting in a declaration of war.


A well-coordinated cyber-attack backed by a powerful state could easily bring down the global economy, given how interconnected the world is and how dependent on software it has become. Hacks can freeze the flow of goods out of ports by wiping logs, can potentially kill thousands of people by disrupting the electricity supply to hospitals, and can target electricity grids directly to plunge an entire country into a blackout.


The international arena is not ready for the effects that cyber warfare can have. Countries must act to prepare themselves for such an event and work together to create international laws that hold states to account for their actions in cyber warfare and recognise the devastation it can create.


References


  1. Crowdstrike. “Technical Details on Today’s Outage.” Crowdstrike, 19th June 2024.

  2. Atkinson, Emily. “Global IT chaos persists as Crowdstrike boss admits outage could take time to fix.” BBC News, 19th July 2024.

  3. Milmo, Dan; Kollewe, Julia; Quinn, Ben; Taylor, Josh; Ibrahim, Mimi. “Slow recovery from IT outage begins as experts warn of future risks.” The Guardian, 20th July 2024.

  4. Balmforth, Tom. “Exclusive: Russian hackers were inside Ukraine telecoms giant for months.” Reuters, 5th January 2024.
