Thursday, July 25, 2024

How Microsoft-CrowdStrike Caused Global Tech Meltdown – But Here’s Why China And Russia Remained Unaffected







July 22nd, 2024 by financetwitter



Cybersecurity giant CrowdStrike was supposed to release a software update – a routine patch – to its “vulnerability scanner” Falcon Sensor on July 19, 2024. Instead, the American technology company unleashed digital chaos across the planet. Within hours, flaws in the update caused Windows-based systems worldwide to crash, displaying the infamous BSOD – “blue screen of death”.



The update affected some 8.5 million devices globally: machines running Microsoft Windows were forced into a bootloop, making them unusable. The problem was particularly fatal because the computers repeatedly failed the usual booting process and restarted before the sequence was finished. It brought back memories of the “Y2K” problem, only this time there was no warning or time to prepare for the disaster.



From New York’s Times Square, where digital billboards went dark, to London’s Heathrow Airport, where flight information boards fell blank, the sudden global tech meltdown swept through businesses and government agencies like a tsunami. Even Hong Kong’s stock exchange halted share trading, and airports from Asia to Australia ground to a halt. It was total chaos.




Founded in 2011 by two former McAfee executives, CrowdStrike saw its stock price lose 13% on Monday (July 22), after falling 11% on Friday, due to analysts’ downgrades. The restoration of its reputation may take more time and will likely affect new business signings, at least in the near term. There is also some possibility that it could lose out on “closely contested” deals.



Although CrowdStrike fixed the update, computers stuck in a bootloop were still unable to connect to the Internet to download the patch before Falcon could load and crash the device again. The recommended solution, which CrowdStrike unveiled after the faulty code crashed computer systems, was to boot into safe mode or Windows Recovery Mode and manually delete Channel File 291.



Apparently, Channel File 291, a configuration file which CrowdStrike admits triggered a logic error and caused the Windows operating system to crash, did not undergo adequate quality checks or testing before it was deployed. The latest version of the Falcon sensor software was meant to make CrowdStrike clients’ systems more secure against hacking by updating the threats it defends against.




Because the solution also requires local administrator access, in addition to a recovery key if the affected machine is encrypted by BitLocker, it took some time for systems to get back online as many IT departments scrambled to comprehend the problem. To get an idea of the global impact, over half of Fortune 500 companies and many government bodies use CrowdStrike’s software.



However, two major countries remained unaffected – China and Russia. In China, it was business as usual. The country’s critical infrastructure, from airlines to banks, continued operating without a hitch thanks to Beijing’s policy of technological self-sufficiency. While Beijing Capital International Airport reported no disruptions, the Shanghai Stock Exchange saw no trading halts.



But the biggest reason why China wasn’t affected – CrowdStrike does not sell products and services in the country. Only some foreign companies in China were affected, such as international chain hotels like Sheraton, Marriott and Hyatt in Chinese cities. CrowdStrike’s customers are primarily concentrated in Europe and the United States. Additionally, China is not as reliant on Microsoft as the rest of the world.




Interestingly, CrowdStrike is designed specifically to protect against security threats originating from China. However, it seems Chinese hackers do not need to do anything to bring down Western nations’ banks, health-care, airlines and energy companies. Thanks to the U.S.’ anti-Chinese policies, China has been replacing foreign IT systems with domestic ones.




Chinese domestic companies such as Alibaba, Tencent and Huawei are the dominant cloud providers – providing shields against foreign threats. While Microsoft operates in China through a local partner, 21Vianet, the Chinese company manages its services independent of its global infrastructure. This setup insulates China’s essential services – like banking and aviation – from global disruptions like the one on July 19.



Even if Western countries had not started a trade war or banned Chinese tech giants like Huawei or social media like TikTok, Beijing has long recognized the danger and risks of over-reliance on a handful of dominant foreign tech providers such as Microsoft. The world’s standardisation on platforms like Microsoft Windows translates to vulnerabilities, and a single point of failure (SPOF) which can cascade into a global meltdown.




Taking a page from the West’s playbook, Beijing also plays the same game called national security. This has led Chinese tech giants to develop homegrown versions of nearly every major Western software platform – Alibaba Cloud as an AWS alternative, WeChat replacing WhatsApp and Facebook, and Baidu providing search and mapping services similar to Google.



Although Windows is still being used in the domestic personal computer market, China has developed its own “Unity Operating System” (UOS), which is a Linux operating system based on Debian. Government offices, national defense, energy and other sectors of the Chinese economy are using “NeoKylin” as their desktop operating system as a replacement for Windows.



As expected, the outage caused by CrowdStrike has seen the American product being mocked by the Chinese. Global Times newspaper said – “Some countries constantly talk about security, generalise the concept of security, but ignore the real security, this is ironic”. The statement was mocking the U.S. for trying to dictate the terms of who can use global technology and how it is used, only to see its own companies causing global chaos.




The Chinese also ridiculed the West’s constant mantra of accusing China of copying or stealing western technology, but somehow the Middle Kingdom did not plunge into the tech meltdown despite having stolen the so-called intellectual property. On Chinese social media, netizens joked that Microsoft had given them an unexpected day off, saying – “Thank you Microsoft for an early vacation.”



But one Weibo user sarcastically complained – “Our company just switched to new computers with the HarmonyOS system, so we can’t join in your celebration”. When the U.S. Commerce Department added Huawei Technologies Co to its “entity list” in May 2019 during the Trump administration’s trade war with China, the Chinese tech giant retaliated about 3 months later by revealing its own operating system – HarmonyOS.



Russia, on the other hand, managed to avoid the catastrophe unleashed by the American company thanks to the U.S. sanctions. Russian officials bragged that Moscow was spared the impact of the global IT systems outage because of its increased self-sufficiency after years of Western sanctions. Like China, there was no known customer in Russia for CrowdStrike.




Microsoft and other major Western IT firms have suspended sales in Russia ever since Vladimir Putin launched a special military operation in Ukraine. And unlike other countries, the Russian market is dominated by local cybersecurity firms such as Kaspersky Labs. Russian companies from state nuclear giant Rosatom, which operates all of Russia’s nuclear plants, to major lenders and airlines, reported no glitches at all.



Even before the invasion of Ukraine, Moscow had started substituting imports of foreign goods in key sectors, as relations with the West began deteriorating as a result of the annexation of Ukraine’s Crimea in 2014. A currency trader in Russia said – “Everyone has long been preparing for the possibility of being cut off from Microsoft due to sanctions.”

