By Richard Forno, University of Maryland, Baltimore County

The global information technology outage on July 19, 2024, which disrupted organizations ranging from airlines to hospitals and even delayed the delivery of uniforms for the Olympic Games, represents a growing concern for cybersecurity professionals, businesses and governments.

The outage showed how deeply interdependent organizational networks, cloud computing services and the internet have become — and how many vulnerabilities that interdependence can create.

In this case, a faulty automatic update to CrowdStrike’s widely used Falcon cybersecurity software caused PCs running Microsoft’s Windows operating system to crash. Many affected servers and PCs needed to be fixed manually, which created an enormous challenge for organizations with thousands of machines spread around the world.

For Microsoft, the problem was compounded because the company released an update to its Azure cloud computing platform at roughly the same time as the CrowdStrike update.

Microsoft, CrowdStrike and companies such as Amazon issued technical workarounds for customers able to take matters into their own hands. But for many global users, especially large companies, the outage was not a quick fix.

Modern technology incidents, whether caused by cyberattacks or technical failures, continue to paralyze the world in new and surprising ways. Massive incidents like the CrowdStrike update fault do not merely create chaos in the business world. They disrupt global society itself.

The economic losses from such incidents — lost productivity, recovery costs, business disruption and individual inconvenience — are likely to be extremely high. As a former cybersecurity professional and current security researcher, I believe the world may finally be realizing that modern information-based society rests on a fragile foundation.

The Bigger Picture

On June 11, 2024, a post on CrowdStrike’s own blog seemed to predict this type of situation: a global computing ecosystem compromised by one vendor’s faulty technology. They likely did not expect their own product to be the cause.

Software supply chains have long been a serious cybersecurity concern and a potential single point of failure. Companies such as CrowdStrike, Microsoft, Apple and others have direct, trusted access to organizations’ and individuals’ computers. As a result, users must trust that these companies are secure and that the products and updates they release are well-tested before reaching customer systems.

The 2019 SolarWinds incident, which involved a hacked software supply chain, may now look like a preview of the CrowdStrike outage.

CrowdStrike CEO George Kurtz said the outage was “not a security incident or cyberattack” and that “the issue has been identified, isolated and a fix has been deployed.” From CrowdStrike’s perspective, that may be true. The company was not hacked.

But that does not mean the effects of the incident will not create security problems for customers.

In the short term, some organizations may disable internet security devices or protections in an attempt to recover faster. In doing so, they may open themselves to criminals trying to penetrate their networks.

Users may also become targets for scams that exploit confusion and panic around the outage. Overwhelmed users might accept fake assistance that leads to identity theft or spend money on bogus solutions.

What Organizations Should Do

Organizations and users will need to wait until reliable fixes are available or recover on their own if they have the technical ability. After that, there are several important lessons to consider.

First, companies must make sure the products and services they use are trustworthy. That means conducting due diligence on vendors, especially for security and resilience. Large organizations often test product upgrades and updates before releasing them internally, but that may not always happen with routine products such as security tools.

Second, governments and companies need to emphasize resilience when designing networks and systems. That means avoiding single points of failure in infrastructure, software and workflows. It also means understanding whether critical products depend on other products or infrastructure in ways that could create hidden vulnerabilities.

Third, organizations need to renew their commitment to best practices in cybersecurity and general IT management. A robust backup system, for example, can make recovery easier and reduce data loss. Strong policies, procedures, staffing and technical resources are also essential.

The Patch Management Dilemma

Software supply chain problems like this create a difficult tension.

For years, one of the standard recommendations in IT has been to keep systems patched and current. That advice still matters. Unpatched systems can leave organizations vulnerable to attackers and known security flaws.

But incidents like the CrowdStrike outage show that updates themselves can also introduce risk. Organizations now have to weigh the danger of delaying updates against the possibility that a trusted vendor’s update could cause widespread disruption.

That does not mean organizations should stop updating systems. It means resilience, testing, backups and recovery planning matter more than ever.

Why This Matters

The CrowdStrike outage was not just a bad technology day. It was a warning about how connected and fragile modern digital life has become.

Airlines, hospitals, businesses, governments and individuals now rely on overlapping layers of software, cloud services, cybersecurity tools and automated updates. When one trusted component fails, the effects can ripple across the world.

That is the strange paradox of modern technology. The systems designed to protect and connect us can also become the systems that expose how vulnerable we are.

Richard Forno is a Principal Lecturer in Computer Science and Electrical Engineering at the University of Maryland, Baltimore County.

Editor’s Note: This article is republished from The Conversation under a Creative Commons license.
