- A massive IT outage linked to a CrowdStrike update has disrupted the global economy.
- Major airlines, fast-food chains, and Microsoft Windows systems have faced significant issues.
- Experts warn against auto-updating and encourage multiple cybersecurity measures.
A massive IT outage disrupted the global economy after CrowdStrike, the cybersecurity giant, issued a faulty update.
Over the past several hours, major airlines have grappled with spotty communication systems. Fast-food restaurants, grocery stores, and major retailers have struggled with faulty cash registers. Since CrowdStrike also provides services to Microsoft, any machines running on Microsoft's Windows operating system also crashed due to the update.
Meanwhile, online, IT professionals are moaning about the simple way this all could have been avoided: Turn off auto-updates.
"Every IT person learns this lesson the hard way…once. I just posted a comment a day earlier trying to explain why auto-updating infrastructure was a bad idea, now I've gone back and added this as an example," one all-knowing IT person wrote on Reddit.
Several X users echoed that sentiment.
"Sometimes you tell yourself that there are adults in the room and that people are not making things up as they go," wrote one X user. "Then basically every major airlines/airports, hospitals, emergency systems, banks, etc. go down because they all run kernel level junk that auto updates."
Another X account dedicated to cryptocurrency trading posted the disclaimer: "Auto-updates introduce systemic risk."
Cybersecurity experts said that auto-updates typically help companies react quickly to global threats.
"Of course, not having auto-updates on in this case would have saved companies, but the auto-update is there for a reason — to respond as fast as possible to new threats and exploits worldwide," Nadir Izrael, the cofounder and chief technical officer of cybersecurity company Armis, told Business Insider. "Clearly, in this case, there was a catastrophic failure in that, and it will likely impact how tools do auto updates in the foreseeable future."
Izrael said Armis itself doesn't use auto-updates and instead has people on call to review and roll out updates. "However, for a large-scale enterprise, that might not be a feasible process," he said.
Whether this outage will prompt cybersecurity companies to reevaluate their approach to auto-updates isn't yet clear. However, it's best for companies using these tools to enable more than one line of defense, according to Andrius Minkevičius, the cofounder of CyberUpgrade, which specializes in cybersecurity solutions.
"This incident is a stark reminder that relying solely on technological defenses is insufficient. Organizations must implement multiple control mechanisms and security measures for each potential attack vector," he told BI by email.