Cloud ‘best place to do business’ despite CrowdStrike’s global meltdown
CrowdStrike’s outage shutdown big banks, hospitals, retailers and airlines. While the world survived, experts say next time we might not be so lucky.
Cloud computing is still the most secure and efficient environment for businesses to operate, despite CrowdStrike’s outage costing the global economy billions of dollars, the head of the world’s biggest multimedia and information company says.
Business leaders are completing their own autopsies of the world’s largest tech outage – triggered by a botched software update 10 days ago, which knocked out big banks, hospitals, retailers and grounded airlines in a level of disruption similar to a cyber attack.
Thomson Reuters chief executive, Australian-born Steve Hasker, said the shutdown was an “early warning” for cloud providers amid calls the meltdown could have been much worse.
Mr Hasker’s comments echoed White House tech adviser and vice president of SAS’s data ethics practice Reggie Townsend, who told The Australian that CrowdStrike’s outage was the “world’s largest stress test”.
The faulty update rendered more than 8.5 million Windows-based computers useless, displaying what is known as the “blue screen of death”, but Microsoft said this accounted for about 1 per cent of PCs globally that run its operating system.
Mr Hasker, who launched a cloud-first strategy at Thomson Reuters soon after his appointment four years ago, said the “blast radius of an outage is larger and felt more quickly in a truly interconnected environment” but it can also be remedied faster.
“The cloud obviously is a very important part of that,” he said.
“Based on everything that we look at – all the assessments we run – the cloud is a more secure environment than a proprietary system just because of the sheer resources that are put against cloud security and the flexibility it provides.
“There’s always a greater risk in terms of timeliness and the blast radius, but the ability to put in place fixers, to track and trace where the issues come from and then to remediate is significantly better.”
But he said there were key leanings from the CrowdStrike outage, which hit some of the world’s biggest companies, including Australia’s top four banks, Coles, Woolworths and Qantas.
“This is what we worried what Y2K would be,” Mr Hasker said, highlighting what was known as the millennium bug.
“You know, people sitting around at airports, not able to check into hospitals, have elective surgeries cancelled – all sorts of very significant implications. It’s been probably the biggest stress test so far.
“But the CrowdStrike example, hopefully, is an early warning for certainly cloud providers but anyone providing software and doing these updates can learn from in terms of the need to run the double checks and follow all the right protocols.”
Mr Townsend, who is on the US National Artificial Intelligence Advisory Committee, which advises the White House, said CrowdStrike’s outage had sparked some philosophical questions.
Cloud computing and data centres – while vital in connecting businesses and consumers to perform everyday tasks from buying groceries to internet banking – are the backbone of artificial intelligence.
“At SAS, obviously, we have our concerns. However, none of our core services were interrupted. We’re very interested to make sure that our customers are also not affected, and so far that has not been the case,” Mr Townsend said about the CrowdStrike outage.
“But it does open up the space for us – because we’re not dealing with the technical issues – to think about the philosophical issues, which is in a world where there’s kind of this always on interconnectedness, where are the points of fragility that we need to be most concerned about?
“I don’t know if any of us have the final conclusions just yet. But the notion of all things being centralised with a couple (of providers) is probably not the best model for the world. Clearly there is some benefit we gain from that, and so how do we maximise that benefit, while at the same time decentralising a bit so we can eliminate some of the fragility and vulnerabilities.”
Mr Townsend said these were key questions to be answered to avoid another mass shutdown. “I’m comforted that this was, if you will, kind of the world’s largest stress test. But next time that may not be the case.”
CrowdStrike CEO George Kurtz said about 97 per cent of Windows sensors were back online but warned “our work is not yet complete”.
“We remain committed to restoring every impacted system,” Mr Kurtz said.
“To our customers still affected, please know we will not rest until we achieve full recovery. I am deeply sorry for the disruption this outage has caused and personally apologise to everyone impacted. While I can’t promise perfection, I can promise a response that is focused, effective, and with a sense of urgency.”
More Coverage
