[Update July 22, 2024. As a reader pointed out, my original wording said that “the Internet was down.” This is incorrect – the Internet was perfectly fine. I’ve corrected my wording. And, I also corrected a typo in the CrowdStrike name.]
The system disruption caused by a badly-formatted Windows boot file autonomously distributed by CrowdStrike last Friday preventing some Windows systems from booting is a cautionary tale for all of us.
The irony is not lost on me that the worst cyber event in history was caused by a company whose sole purpose is computer security. Over 8.5 million Windows computers were affected, along with hundreds of thousands of networks running critical services across the globe.
It is easy, as a Mac user, to point fingers at “those Windows machines.” But this wasn’t a Windows problem; or even a Microsoft problem. This was caused by a company none of us had ever heard of doing things with computers that we never knew they did.
On Friday, we discovered that cloud services can be a very, very fragile thing.
I’ve written before that the cloud is simply a server in a location we don’t know, run by people we’ve never met, doing things we don’t understand. All of which are true. But, as we are learning, I should also add that the cloud depends upon a vast array of interlocked services from companies that are invisible to us. If any one of those services breaks, the damage can be widespread.
Smile… I’m not such a Luddite as to say “Down with the Internet.” As we learned over the weekend, our wonderfully complex web is essential to modern life. We could not exist without it – as airlines, hospitals, banks, and broadcasters discovered to their dismay.
Rather, my purpose is to suggest that we should not take the cloud – or cloud services – for granted. To fix the CrowdStrike problem is easy. All a Windows user needs to do is delete a single file on their internal hard drive. Provided you are sitting in front of the system and you know the password for it. But, if that drive is encrypted and the recovery password is stored on a server which is down… or that computer is stored in a remote location… or that computer doesn’t have a monitor or keyboard… or you have 1,000 systems on your network…?
As media professionals who depend upon our computers to run our businesses, the cloud is an essential component of our lives. That won’t change. But… what happens if you can’t access a cloud service for a day, or three days, or a week?
Do you have a local copy of your passwords in case your online password manager goes offline? Do you have a local copy of any media and projects you are editing if you can’t access a cloud server? Do you have access to your financial records locally? Will your plugins – or software – run if they can’t check in with an online server?
I’m not suggesting that we avoid the cloud. The cloud is far too useful. But, as we learned this past weekend, we can’t assume that the cloud will be there when we need it. We need to think about what cloud services we depend upon, then be sure we have a backup option in case they fail.
It never hurts to have a Plan B in your back pocket.
10 Responses to CrowdStrike: A Cautionary Tale
Probably just a pet peeve of mine from my earlier career in networking. But the Internet itself is the connectivity of all these things and it was not affected. It was all the window servers that were affected, but you could still communicate across the Internet just fine.
Jim:
Pet peeve or not, you are absolutely correct. The Internet is the network, servers are devices connected to the network, cloud services are software that run on servers connected to the Internet. The Internet worked fine even during the CloudStrike mess.
My apologies for such a loose use of meaningful terms. I’ve corrected my commentary.
Larry
I thought the company was called Crowdstrike.
Dennis:
SHEESH!!!! I checked multiple websites while writing this and never noticed my error. (I’ve corrected my commentary.)
This proves something I’ve thought about for a long while – far too often we see what we want to see, not what’s right in front of our eyes. My apologies for the error.
Larry
Thanks for the reminder to have ready copies of my 1Password data.
Using a password manager is wonderful, with 12-characters all randomly selected … and it is great to not have every one of my passwords as ronnieronron1995! (not my actual password for anything).
But not having access to the password info would be devastating.
Ron:
Yeah… that’s the principle reason I haven’t upgraded to their cloud-version. There’s too much critical data that I can’t afford to have access to.
Larry
Thank you for the insightful message. I will share it with friends.
to me, as an IT professional, who also does video production, it is a reminder that any update to your computer, from Microsoft, Apple crowd, strike, or whoever has the opportunity to cause problems that could be very disruptive to your business for days. Microsoft themselves have pushed out patches and then patches for the patches over the years, and Macintosh has not been entirely free of issues either, so we have to remember that Apple is primarily a consumer and business client machine and not one of the servers in the back room or the cloud. I’m not even sure that Apple is running their own product in their cloud servers. I’m under the impression they’re using Amazon, which uses Linux. at any rate, the point is that it is often worthwhile to turn off automatic updating and wait a day or two until patches that have been pushed out have been tried by the rest of the world before putting them on your own machine. I believe that Larry and others advocate for that normally, this is a really good reminder that they pushed to you might not be something you want right away
Al:
I agree. Wherever possible, avoid automatic updates. In the case of CrowdStrike, that was not possible. But, for Mac users, always wait before upgrading.
Larry
Ha… another irony. The name of the invisible “man (company) behind the curtain”. Crowd… strike.