Global IT outage sparks chaos, calls for robust cybersecurity

The recent global IT outage, attributed to Crowdstrike's software issues, has caused significant disruption across multiple sectors. The chaos, which spanned industries including aviation, banking, broadcasting, and retail, has brought the critical need for robust and resilient digital infrastructure to the forefront.

Mark Jones, a partner at Payne Hicks Beach, underscored the gravity of the situation. "Within a matter of days of the King's Speech, in which the government outlined its firm focus on cybersecurity and preventing hacking incidents, a significant global IT outage has taken place. Today’s IT outage, due to Crowdstrike’s cybersecurity software, has caused chaos across multiple sectors from aviation to banking and broadcasting to supermarkets and impacted millions of people and businesses. We do not know the reason for the outage but it is clearly a concern that the root of the issue appears to be cybersecurity software. The sheer scale of the issue across the world highlights the need for robust systems to be in place," he said.

Chris Dimitriadis, Global Chief Strategy Officer at ISACA, a professional association for security and risk professionals, echoed this sentiment. Describing the incident as a "crisis," Dimitriadis noted, "When one service provider in the digital supply chain is affected, the whole chain can break, causing large-scale outages. This incident is a clear example of what could be termed a digital pandemic—a single point of failure impacting millions of lives globally. Doctors can't see their patients, media outlets can't broadcast news, and travellers are stranded at airports. This isn't just business operations which are affected—these are real lives."

As companies grapple with the fallout, experts are calling attention to the need for comprehensive disaster recovery plans. Ryan Thornley, Security Practice Lead at Appsbroker CTS, highlighted the immense challenge ahead. "For organisations around the world, this incident underscores the crucial importance of having a clear and thorough disaster recovery plan. We don’t yet know the full extent of this incident, but what’s clear at this point is that the recovery phase for businesses and public organisations is going to be huge and very costly."

"Potentially, millions of machines around the globe, from hospital computers to supermarket checkouts, have received a defective content update to Crowdstrike and, in many situations, will need to be physically accessed to make them bootable again. This will be a mammoth undertaking and a real stress test for companies’ disaster recovery plans," Thornley explained.

The severity of the disruption has also attracted the attention of opportunistic hackers. According to the National Cyber Security Centre (NCSC), cybercriminals have already attempted to exploit the situation through phishing attacks. Aura Information Security advised businesses on maintaining cybersecurity during the recovery process. Alastair Miller, Principal Consultant at Aura, emphasised vigilance, urging businesses to beware of impersonation attempts and rigorously monitor network activity. Miller also stressed the importance of supporting IT teams through recovery to ensure thorough and secure system restorations.

As the situation unfolds, it is becoming increasingly evident that the interconnected nature of modern IT systems necessitates careful planning and resilient frameworks. The global outage is a stark reminder of the vulnerabilities inherent in the digital age and the imperative for organisations to fortify their cybersecurity measures. Ensuring that proper detection, response protocols, and skilled personnel are in place is critical to mitigating the impacts of such unprecedented disruptions in the future.