The planet was recently struck by CrowdStrike. If you didn’t want to get on a ‘plane, a train, book something, transfer money, do something with the NHS, watch Sky News’ – I could go on but you get the picture – you were probably alright.
Unbelievably, all the above sectors of our lives (and more) all succumbed to the Blue Screen of Death. If you were only on your own PC or phone you probably didn’t notice – because the CrowdStrike problem was almost exclusively related to business.
This was an update to anti-virus – yes, anti-virus – software supposed to protect Microsoft Windows devices from malicious attacks. In the event, it was one line – ONE LINE – of code which was wrong and brought everything crashing down. Amongst other small matters some 4,500 flights were cancelled and 30,000 delayed. Stock exchanges had to put up notices saying what they were putting out could not be relied on.
The fix – which appeared quite quickly – was deleting that one line, and rolling back to the back-up to just before it hit. But you’d better have a top-notch IT department to do it. The problem is that every single machine affected has to be restarted in ‘Safe’ mode. Even then it might not work, and rebooting is required. I have heard of up to 15 attempts to make it work.
I could go on about the knock-on effects (payrolls un-run, train signals blinking away merrily) but I’m sure you have the picture that CrowdStrike gifted us the COVID of tech.
There are lots of very worrying aspects. Why, for example, was Microsoft (one of the world’s best developers and coders with tens of thousands of employees) outsourcing something so important as an anti-virus update for its entire business department? Why wasn’t there a cut-out that prevented everything going down? Why was there no resilience built into the system to take out an incorrect piece of code?
The answer to some of these questions is the cost which would impact the bottom line. I’m willing to bet, though, that there is a lot of deep thinking going on at CrowdStrike and Microsoft. And we haven’t even got to the litigation yet.
We have, of course, had the warnings about criminals setting up fake websites and emails to help you sort it (and incidentally getting all your details and costing you fortunes). But, hey, that’s enterprise for you.
So that was the West and CrowdStrike. What about China? Well, China didn’t really have a problem as they don’t have Microsoft systems. They have their own systems which are used everywhere. Except of course by Western companies like hotels and Western airlines and meant people using those systems couldn’t book. This is what has become known as the “Splinternet”. There are in effect two internets developing. Which in a very odd way may be a good thing. At least it gives us an alternative. Unintentional resilience, I suppose.
Temple Melville is CEO of The Scotcoin Project CIC