IT’S easy to be wise after the fact, but if I’d been setting up a cybersecurity firm I don’t think I would have called it CrowdStrike.
Of course I would never have imagined that it might end up wreaking havoc worldwide, literally striking down digital services on which millions depend. But “defence” or “security” or “safety” might have been worked into the name somehow. Less about striking, more about repelling.
In the long run, though, it may be that Friday’s entirely accidental “strike” will prove the best form of defence, as urgent questions are now being asked about how companies worldwide left themselves so vulnerable that a tiny coding slip-up managed to disrupt everything from airlines and broadcasters to banks and GP surgeries.
READ MORE: Do other European countries have the two-child benefit cap like UK?
If this much mayhem could be caused by mistake, how much could be caused by a malicious actor intent on blocking bank accounts, grounding flights and possibly much, much worse?
It’s not as if no-one saw this coming, either. Indeed, as The Guardian reported at the weekend, one of CrowdStrike’s own executives gave a talk last month that warned about “the monoculture problem”.
In agriculture, monoculture refers to the cultivation of a single crop with little genetic diversity, meaning it is susceptible to being wiped out by disease or pests. In a digital context, it means too many organisations relying on a single, fallible provider, making them vulnerable to a cyber-blight.
Speaking at a Washington Post event, CrowdStrike’s vice-president Drew Bagley drew attention to the fact that many government entities were “extraordinarily reliant on one major vendor” for their operating systems, cloud storage, email, video conferencing facilities and much more. In case there was any doubt which one he was talking about, he went on to highlight that the US’s Cyber Safety Review Board had found Microsoft’s security culture to be inadequate.
“We can no longer tolerate solutions or architectures that risk crumbling from a single point of failure,” he said.
He certainly wasn’t wrong! He just presumably didn’t expect that single point of failure to originate within his own company, causing Microsoft Windows to crash on 8.5 million devices worldwide.
I was in London when the CrowdStrike update was released, gearing up for a weekend of culture. The young folk might cringe with embarrassment when us digital non-natives produce print-outs – train ticket, theatre tickets – but perhaps they’ll think twice going forward. A staggering 66% of my generation (millennials) and 72% of Gen Z report putting all their faith in their phones and leaving their bank cards at home, presumably believing their devices to be infallible (despite, as I griped about in a recent column, planned obsolescence and battery deterioration being a clear part of phone companies’ business model).
The one ticket I didn’t have on me was for Friday night, as this was to come in the form of a dreaded dynamic QR code.
It could not be printed or even screenshot in advance, indeed it could not even be viewed until 2.30pm on the day of the performance. When we arrived, signs on the theatre doors indicated they had been forced to abandon the whole hoopla.
Attendees were asked instead to show the screen where the QR code would have displayed, had the process run smoothly, or a booking confirmation email, which anyone could easily have forwarded on to a freeloading friend once they had realised the anti-touting measures had crumbled.
So where do we go from here? A blip at a theatre entrance is a minor inconvenience, and a delayed or cancelled holiday a major one, but at the weekend patients had their cancer treatments postponed and hospitals had to declare critical incidents as medical records disappeared from computer screens.
Clearly this level of vulnerability is dangerous, and the digital ecosystem needs to change. The trouble is, plenty of previous calls to break up tech monopolies have fallen on deaf ears. And users – including government agencies – have precious little control over how they use tech, despite almost everything we do now revolving around it.
Ironically, the origin of the CrowdStrike name is a direct reference to the wide intended reach of the company, which crowd-sources “threat telemetry” from tens of millions of endpoints, and uses it to “strike back” at potential adversaries.
The name, according to the company’s head of intelligence, is a reference the power of the crowd to provide robust defence.
READ MORE: Let’s show the UK how to debate policy like adults
The question is, has this company crowded out competition in much the same way that Microsoft, Amazon and Google are accused of doing?
Those big three account for two-thirds of the cloud provider market, while CrowdStrike has an 18% share of the endpoint cybersecurity market, which is why such a small mistake – at a company most of us had never heard of – was able to do so much damage.
CrowdStrike operates on the basis that bigger is better, but the events of the weekend show this is a double-edged sword. The question is, would greater competition make us safer in the long run, or might it simply introduce a different set of risks?
Why are you making commenting on The National only available to subscribers?
We know there are thousands of National readers who want to debate, argue and go back and forth in the comments section of our stories. We’ve got the most informed readers in Scotland, asking each other the big questions about the future of our country.
Unfortunately, though, these important debates are being spoiled by a vocal minority of trolls who aren’t really interested in the issues, try to derail the conversations, register under fake names, and post vile abuse.
So that’s why we’ve decided to make the ability to comment only available to our paying subscribers. That way, all the trolls who post abuse on our website will have to pay if they want to join the debate – and risk a permanent ban from the account that they subscribe with.
The conversation will go back to what it should be about – people who care passionately about the issues, but disagree constructively on what we should do about them. Let’s get that debate started!
Callum Baird, Editor of The National
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereLast Updated:
Report this comment Cancel