CrowdStrike's IT outage is pretty severe, but let's hope it's not as bad as the infamous Dyn DDoS attack, Facebook mega-crash, or Rogers network outage.

Action
CrowdStrike's IT outage is pretty severe, but let's hope it's not as bad as the infamous Dyn DDoS attack, Facebook mega-crash, or Rogers network outage.

An apparent bug in CrowdStrike's Falcon software affected millions of people around the world and took down IT systems in media, hospitals, and airports worldwide, but the Dyn DDoS cyberattack in 2016, Facebook's server woes in 2021, 2022, and Canada's largest-ever IT outage in 2022, will likely go down in technology history as the worst outage in history.

While it is not entirely clear why or how millions of PCs fell into an endless BSOD (Blue Screen of Death) cycle overnight, the culprit appears to be a bug in a security update for software developed by CrowdStrike called Falcon. Although designed to prevent malware and other cyber attacks, it is a sobering reminder of the modern world's almost total dependence on client computers, servers, and the Internet. [A] malicious act or simple mistake can lead to enormous IT problems that affect millions of people. When I read about today's global outages, the worst cases that came to my mind are those that affected countless people in many countries. The most infamous was the Dyn DDoS attack in 2016.

Dyn is a DNS provider, a company that manages the servers that translate web requests for a particular domain name into IP addresses (Domain Name Servers, DNS) DDoS stands for Distributed Denial-of-Service stands for Distributed Denial-of-Service, in this case caused by tens of millions of Internet of Things (IoT) devices, including printers and security cameras, all infected with the Mirai malware and requesting domain name lookups.

The sheer volume of requests and the complexity of the attack took down Dyn services for an entire day, resulting in the shutdown of thousands of Internet-based services and platforms throughout the United States and Europe. Although several hacking groups have claimed responsibility and one individual admitted to participating in the attack in 2020, the full extent of the incident as to who was behind it has never been fully revealed.

However, it is not always a malicious event that can bring down major IT systems. For example, in 2021, Facebook and all its subsidiaries were offline for about 12 hours worldwide. This was a problem completely caused by Meta itself. One might think it was just the inability to share photos or send messages, but it had a huge impact in developing countries and even shut down unrelated systems, such as Google's services.

Rogers Communications, a telecommunications company that provides Internet and mobile services in Canada, was in a similar situation. Millions of web users lost access for a day, but more seriously, emergency services, banking, and payment systems that used Rogers' network were also stuck. The “cause” was a maintenance upgrade that went awry.

Whether the problems with the CrowdStrike Falcon will outweigh these events in terms of the number of people affected and the cost to the various economies remains to be seen, but it will almost certainly happen again at some point in the future. People make mistakes, but the global IT outage is a timely reminder that critical systems always need redundancy and recovery.

Categories