Security

Global tech outage raises information security alert – China Daily


CrowdStrike logo is seen in this illustration taken July 29, 2024. [Photo/Agencies]

A glitch in a software update developed by a cybersecurity company in the United States caused widespread disruptions last month, affecting computers globally, grounding flights and interrupting banking services. Incidents like this underscore the vulnerability of key digital infrastructure in a connected world, experts said.

They added that China remained largely immune to such disruptions, highlighting the need for developing technology independence to ensure information security.

On July 19, as CrowdStrike released a faulty software update, millions of Microsoft Windows users were hit by the “blue screen of death”.

The impact was felt across the world, leading to media services being suspended and medical systems collapsing at healthcare facilities. Almost 30,000 flights were delayed on that day and nearly 7,000 were canceled worldwide, according to Euronews.

Microsoft put the number of affected Windows devices at about 8.5 million.

Australian web security consultant Troy Hunt called the malfunction the “largest IT outage in history”.

The episode highlighted the fragility of the current technology landscape where key digital infrastructure such as operating systems fall prey to tech glitches, Liu Jiqiang, dean of the School of Software Engineering at Beijing Jiaotong University, told China Daily.

“Considering the significant consequences of such failure, relevant companies should provide compensation to the security victims and make commitments to providing proper future updates and contingency plans in case of emergency,” said Liu, who specializes in computer and information security.

Almost a week after the disaster, CrowdStrike CEO George Kurtz said 97 percent of the company’s Windows sensors were back online, but experts warned that full recovery might take longer.

Despite the widespread disruptions, key pillar industries across the Chinese mainland, such as government services and airports, remained untouched as the occurrence had a relatively limited impact on China, Kong Xiangyan, head of the Endpoint Security Department of 360 Digital Security Group, told China Daily.

The repercussions of this tech fault in China were felt mainly among multinational companies and industries with significant overseas operations, Kong said.

Self-reliance in the field of technology helped China avoid being hit by the glitch as domestically developed endpoint security protection software is widely used in China, especially in industries crucial to the economy and the livelihood of the people, Kong said.

Such an incident, to some extent, can be called a “good “thing as it serves as an alert about security risks in a digitized world dependent on just a handful of providers, said Liu of the School of Software Engineering.

The outage “is the result of a software monopoly that has become a single point of failure for too much of the global economy”, George Rakis, executive director of the advocacy group NextGen Competition, said in a statement.

Microsoft’s Windows is the most widely used computer operating system in the world, accounting for about 70 percent share of the desktop, according to Statista.

It serves as a wake-up call for more resilient supply chains in the information infrastructure sector, Liu said.

Liu highlighted the risks of management lapse and the errors in system development, saying such a mishap could have been avoided had the system been better designed and tested.

He cited the example of a method used by railway transportation, in which three different systems are put in place to monitor and detect signals. The final decision or action is only taken when at least two out of the three systems agree. This ensures increased safety and reliability by reducing errors or failures from a single system, Liu said.

“The outage is likely to intensify regulations for critical services and risk management,” Madeleine Stevens, an IT expert at Liverpool John Moores University, was quoted by Xinhua as saying.

Liu said the keyword “security “was mentioned a dozen times in the resolution adopted at the third plenary session of the 20th Central Committee of the Communist Party of China, underlining the nation’s determination to achieve self-sufficiency in key technological infrastructure.

“We will establish risk monitoring, early warning, and response systems to safeguard science and technology security, and ensure self-sufficiency in scientific and technological infrastructure,” the resolution said.

Technology and information security constitute a broader concept of national security, whose importance can never be overstated, Liu said.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.