IT-issues - As a error caused worldwide computer problems
Computer problems are causing major issues in various parts of the world. Important questions and answers regarding the cause and effects:
What was affected?
The problems were most visible in the aviation industry. The airport in Berlin had to suspend operations surprisingly at the beginning of the holiday season. Eurowings canceled all domestic flights within Germany and those to and from Great Britain with departures before 3:00 PM. The FAA temporarily grounded flights for airlines like United, American, and Delta in the US. In northern Germany, several clinics postponed scheduled surgeries. In Great Britain, a system for booking doctor appointments in the National Health Service (NHS) was disabled. The British broadcaster Sky News and the London Stock Exchange also faced issues.
What caused the disruptions?
The problems were triggered by a faulty update from IT security service provider Crowdstrike for Windows-computers, which was automatically distributed to its customers overnight. Several hours after the outages began, Crowdstrike CEO George Kurtz announced that the issue had been identified and fixed. However, the customers' systems needed to be brought back up to the new version.
Was it not a cyber attack then?
No, Crowdstrike CEO Kurtz explicitly stated that the cause was neither a cyber attack nor a security incident. In the past, there have been cases where attackers have exploited vulnerabilities in computers with older Windows systems using Trojans that spread around the world. An attack using the WannaCry ransomware, for example, infected hundreds of thousands of computers in May 2017 and disrupted train station displays in Germany.
Were user data affected?
So far, it appears that only the computers of airlines and various other companies stopped functioning. No data was leaked.
What does Crowdstrike actually do?
The American company plays a central role in protecting against IT threats and secures, among other things, websites. Specifically, the affected service named Falcon (Hawk) Sensor is designed to monitor computer activities as a kind of early warning system to prevent attacks. "It's somewhat ironic that a system designed to protect and keep computers running is causing disruptions," commented IT security expert Mikko Hypponen from the company WithSecure.
How could something like this happen?
Normally, such updates are thoroughly tested before they are widely distributed. Crowdstrike will now have to explain why such a serious error in the software was overlooked. In the past, there have been cases where websites of various providers were unreachable due to problems with a software service provider. The outage on Friday, however, had greater implications.
Why does a flaw from a company have such far-reaching consequences?
In recent years, the concentration in the software industry has increased significantly, among other things, through acquisitions. Large corporations with many customers can operate more efficiently - and put pressure on smaller rivals. If they also develop innovative technologies like Crowdstrike, a few players suddenly become omnipresent.
Isn't that also risky, as the problems now show?
Definitely - and there have been warning signs. For example, Oxford researcher Brian Klaas warned in his book "Fluke" that these highly optimized and globally networked systems pose a potentially catastrophic risk. And a warning sign was already the hack of software service provider SolarWinds: Attackers gained access to the systems of their numerous customers, including US government agencies, through SolarWinds' maintenance programs.
Statement from Crowdstrike
The United States of America-based company Crowdstrike, known for its role in protecting against IT threats and securing various websites, issued a statement regarding the incident. They acknowledged the faulty update from their IT security service for Windows-computers as the cause, emphasizing that it was not a cyber attack or a security incident. The software issue affected a wide range of entities, including airlines in the United States like United, American, and Delta, as well as Eurowings in North Germany. The problem also affected domestic and international bookings on Eurowings, causing cancellations. In the United Kingdom, the National Health Service's system for booking doctor appointments was disabled, and broadcasting giant Sky News and the London Stock Exchange faced similar challenges. Despite the widespread disruptions, it's reassuring to note that no user data was leaked during this incident.
