massive IT outage hits the world
Comments
-
prowla said:The mistake is in considering a PC software supplier to be a global enterprise service provider.Their cloud offering, "Azure", had an outage a few years back, where an Active Directory update propagated globally; it was almost like one of those disaster movies where you see a map of the worlds and the lights gradually go out.This time it looks like they embedded a 3rd party piece into their services such that it comprised a Single Point Of Failure (SPOF) across their entire systems, so when it had a bug it went everywhere.The days of having controlled roll-outs, QA testing, contingency plans, redundant services, resilient systems, and so-on are long gone.Some might say that replication is a resiliency feature, but the risk is that a service which relies on replication sufers from the pitfal that it will also replicate errors.As for customers, Microsoft showed that 80% of the product sold cheaply is what sells; if you view the tech as a cost rather than an enabler and have a "that'll do" mentality, then you're putting yourself in a risky position.
Some news outlets (especially BBC) reported this as a Microsoft Outage until about 9am. Even though the exact cause was known much earlier.
The fix is either to restart the PC up to fifteen times or go in and delete a file.
The problem is that all 24,000 of Crowdstrike customers are big organisations with many thousands of PCs and Servers each. All of which will need fixing essentially manually (I exclude virtual machines here because they can be rolled back remotely). Some of these PCs are embedded and it will take days to get around to each one.
The problem here isn't a single point of failure but putting Compliance ahead of risk assessment. Compliance insists that systems like Falcon are in place - that box is ticked but the organisation doesn't do a risk assessment and so there's no plan to swiftly resolve issues.
This isn't the first time it's happened, in 2010 a similar Mcaffee update knocked out thousands of PCs. But organisations didn't learn.2 -
Fortunately the pub was able to accept my contactless payment last night but I had a back-up plan - folding money.0
-
Le_Kirk said:Fortunately the pub was able to accept my contactless payment last night but I had a back-up plan - folding money.
Ditto. And my second level of backup is a case of beer in the garage.
I’m a Forum Ambassador and I support the Forum Team on the In My Home MoneySaving, Energy and Techie Stuff boards. If you need any help on these boards, do let me know. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.
All views are my own and not the official line of MoneySavingExpert.
1 -
PHK said:prowla said:The mistake is in considering a PC software supplier to be a global enterprise service provider.Their cloud offering, "Azure", had an outage a few years back, where an Active Directory update propagated globally; it was almost like one of those disaster movies where you see a map of the worlds and the lights gradually go out.This time it looks like they embedded a 3rd party piece into their services such that it comprised a Single Point Of Failure (SPOF) across their entire systems, so when it had a bug it went everywhere.The days of having controlled roll-outs, QA testing, contingency plans, redundant services, resilient systems, and so-on are long gone.Some might say that replication is a resiliency feature, but the risk is that a service which relies on replication sufers from the pitfal that it will also replicate errors.As for customers, Microsoft showed that 80% of the product sold cheaply is what sells; if you view the tech as a cost rather than an enabler and have a "that'll do" mentality, then you're putting yourself in a risky position.
Some news outlets (especially BBC) reported this as a Microsoft Outage until about 9am. Even though the exact cause was known much earlier.
The fix is either to restart the PC up to fifteen times or go in and delete a file.
The problem is that all 24,000 of Crowdstrike customers are big organisations with many thousands of PCs and Servers each. All of which will need fixing essentially manually (I exclude virtual machines here because they can be rolled back remotely). Some of these PCs are embedded and it will take days to get around to each one.
The problem here isn't a single point of failure but putting Compliance ahead of risk assessment. Compliance insists that systems like Falcon are in place - that box is ticked but the organisation doesn't do a risk assessment and so there's no plan to swiftly resolve issues.
This isn't the first time it's happened, in 2010 a similar Mcaffee update knocked out thousands of PCs. But organisations didn't learn.Well yes and no...I did mention "controlled roll-outs, QA testing, contingency plans, redundant services, resilient systems, and so-on", which goes to your compliance comments and highlights the procedural issues.But I take your point that it is the 3rd party software at fault.However, the underlying issue is the buying in to the Microsoft centralised/automated replication model, where I said "the risk is that a service which relies on replication sufers from the pitfal that it will also replicate errors".You mention the McAffee issue and I mentioned the Azure outage; they're both symptoms of the same problem.
0 -
Interesting that China was hardly hit at all - mainly because they use their own systems as a lot of the western world boycotts their products and won't sell them advanced technology. It's largely foreign companies operating in China that were hit.That must be setting minds working in China regarding ways to fight a technology war with the West, as if they haven't already...
I’m a Forum Ambassador and I support the Forum Team on the In My Home MoneySaving, Energy and Techie Stuff boards. If you need any help on these boards, do let me know. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.
All views are my own and not the official line of MoneySavingExpert.
0 -
victor2 said:Interesting that China was hardly hit at all - mainly because they use their own systems as a lot of the western world boycotts their products and won't sell them advanced technology. It's largely foreign companies operating in China that were hit.That must be setting minds working in China regarding ways to fight a technology war with the West, as if they haven't already...
Russia as well - or so they claim ...
0 -
There is certainly more incentive not to cause a major muck up in either Russia or China.
Let's Be Careful Out There0 -
TELLIT01 said:The wonders of modern technology. I wonder how those who brag about never carrying cash are getting on.
In many of the places hit hardest they were not accepting cash either, they just locked the doors as the entire till system was offline.
There was a certain amount of hysteria and hyperbole thrown around as well, the talk of people "starving" if unable to buy food, how would people cope etc. In a worst case scenario just not eat for a day, or buy food elsewhere, but there was certainly no risk of starvation.0 -
My laptop wants to do an update. Windows.
I've ignored it for a couple of days, but I hope this is not connected in any way and no reason I shouldn't run it.How's it going, AKA, Nutwatch? - 12 month spends to date = 2.50% of current retirement "pot" (as at end August 2024)0 -
Sea_Shell said:My laptop wants to do an update. Windows.
I've ignored it for a couple of days, but I hope this is not connected in any way and no reason I shouldn't run it.
Doubt it. You'd have to be running Crowdstrike software, and they've fixed the problem anyway.
I’m a Forum Ambassador and I support the Forum Team on the In My Home MoneySaving, Energy and Techie Stuff boards. If you need any help on these boards, do let me know. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.
All views are my own and not the official line of MoneySavingExpert.
2
Categories
- All Categories
- 345.6K Banking & Borrowing
- 251K Reduce Debt & Boost Income
- 450.9K Spending & Discounts
- 237.6K Work, Benefits & Business
- 612.4K Mortgages, Homes & Bills
- 174.3K Life & Family
- 250.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 15.1K Coronavirus Support Boards