On July 19, 2024, a seemingly routine software update became a global nightmare. CrowdStrike, a cybersecurity giant trusted by countless organisations worldwide, inadvertently released a faulty update that brought systems crashing across the globe. As someone who relies on technology daily, personally and professionally, I couldn’t help but feel a chill run down my spine as I watched the chaos unfold.
Let’s be clear: this wasn’t a cyberattack. It was an honest mistake, a “logic error” in the code that slipped through testing. But that’s precisely what makes it so terrifying. Imagine what a coordinated, malicious attack could do if a simple update can cause this much havoc.
The scale of the disruption was staggering. Airlines grounded, hospitals scrambled, and supermarkets closed their doors—it felt like scenes from a disaster movie. But this was our reality for several hours. And while CrowdStrike worked tirelessly to fix the issue, the ripple effects continued for days.
Here’s the sobering truth: our world is incredibly fragile. We’ve built a digital house of cards, and it doesn’t take much to bring it all down. This incident exposed just how interconnected and vulnerable our systems are. One faulty line of code, and suddenly, millions of people can’t access their bank accounts, board their flights, or even get emergency medical care.
Now, let’s take a moment to consider a chilling “what if” scenario. What if this wasn’t an accident? What if it was an intentional attack designed to cripple our infrastructure for weeks or even months? The economic impact would be devastating. Businesses would shutter, supply chains would grind to a halt, and the very fabric of our society would be tested.
We talk about attacks on critical infrastructure, such as the water supply, internet, or electricity distribution networks, but not so much the other things entrenched in our daily lives. The COVID-19 pandemic also showed how vulnerable we are when supply chains are tested, compounded by Russia’s invasion of Ukraine.
This isn’t fear-mongering; it’s a wake-up call. The CrowdStrike incident has shown us the cracks in our digital foundation, and we need to take action before those cracks widen into chasms.
So, what can we do? For starters, we need to rethink our approach to cybersecurity. It’s not just an IT problem; it’s a fundamental business and societal risk. We need redundancy in our systems, better testing protocols, and more robust incident response plans.
On a personal level, we all need to be more aware of our digital dependencies and have backup plans. Do you know how you’d access your important documents or communicate with loved ones if the internet went down for an extended period?
This incident should spark serious conversations about digital resilience for businesses and governments. We need to invest in diversifying our technological infrastructure, much like we diversify financial investments to spread risk. Relying too heavily on a single vendor or system is a recipe for disaster.
The CrowdStrike incident was a glimpse into a potential future we must work hard to avoid. It’s a future where our digital vulnerabilities become our Achilles’ heel, capable of bringing entire nations to their knees.
But it’s not all doom and gloom. This wake-up call can be the catalyst for positive change. By acknowledging our vulnerabilities and taking proactive steps to address them, we can build a more resilient digital world—one that can withstand not just accidental glitches but intentional attacks as well.
As we move forward, let’s remember the July 19, 2024 lessons. Let’s use this experience to strengthen our defences, improve our systems, and ensure that our digital future is built on a foundation of resilience, not fragility. The clock is ticking, and the stakes couldn’t be higher. It’s time to act.
There is nothing surprising here! Its been obvious for anyone who stopped to think that cloud or internet first is a recipe for a disaster. I’m sure there are 1000’s of engineers saying just that all over the world, and biting their lips not to say to their bosses told you so!
Yes the internet is a vital component but it should be an add on to local apps and data wherever possible and never internet first for critical apps and data, unless there is absolutely no alternative for the application.
Anyone who even considers using subscription type software that requires cloud access to work is just asking for trouble. Just wonder who the tax authorities will blame when there is a hack or other error that takes out customer tax data, bet it will the tax payer that will be fined!
Its just not just almighty mess ups like Crowdstrike’s or even hackers , but there are natural risks such as heavy solar flares or god forbid nuclear strikes.
Keep you app local and your data even closer!