Comment on CrowdStrike: Not defenceless, but at the mercy of others

A faulty CrowdStrike update caused chaos and shows the risks of security software that is nevertheless essential, says Ronald Eikenberg.


When the performance of the play "Ivanov" at the Berliner Ensemble had to be interrupted on a Friday evening in April, the damage was extensive: 15,000 liters of water flooded the neo-baroque Great House. The reason: the sprinkler system had triggered due to a malfunction. It was not a fire that caused the major catastrophe, but the protective device that had been installed against it.

An opinion by Ronald Eikenberg

Ronald Eikenberg has been writing about IT security as an editor for c't magazine since 2008 and is a member of the investigative team.

On a Friday in July, an even bigger catastrophe occurred: aircraft, operating rooms, emergency call centers and much more around the world came to a standstill after the security company CrowdStrike rolled out a faulty configuration update for its Falcon security software. Just before the weekend and in the middle of the vacation season.

Once again, a protective measure had triggered an unexpected crisis that would not have existed without it. Around 8.5 million Windows computers only displayed a blue screen and had to be laboriously repaired manually in safe mode, one by one. It was perhaps the biggest IT outage in history.

For many admins, the CrowdStrike incident was a rude awakening. By now at the latest, it should be clear to everyone how deeply security software reaches into the system and what fatal consequences its malfunction has. We must blindly trust that the manufacturers are up to this responsibility.

It will not be possible to prevent the next IT disaster. Mistakes are human, and they can happen again at any time. Nevertheless, it is important to ask the right questions now: What external factors are we dependent on? Do we really need them all? And, above all, how can we resume emergency operations as quickly as possible next time so that planes can take off and patients can be operated on?

On the other hand, we should resist the frustrated reflex of simply doing without CrowdStrike and the like. Because even if the sprinkler system sometimes becomes the cause of a disaster, simply omitting fire protection is even worse.

(rei)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.