The world experienced a significant disruption on Friday, July 19, 2024. A botched software update from cybersecurity giant CrowdStrike crashed some 8.5 million computers, spreading Microsoft’s notorious “blue screen of death” across the globe. Airlines canceled over 46,000 flights in a single day.
Hospitals postponed surgeries, and 911 emergency services in the US faced disruptions. Film Forum, an arthouse cinema in New York, reverted to cash payments due to a failure of its credit card system. Although Microsoft and CrowdStrike worked on solutions, outages lingered for almost a week.
IT experts were quick to point out the lesson: never push updates out on a Friday. As our infrastructure becomes increasingly interwoven with the internet, such catastrophic outages are likely to recur. “There’s a price to pay for the convenience we enjoy,” says Ritesh Kotak, a cybersecurity and technology analyst.
Reflecting on the event, Kotak notes, “Next time, we might not be so lucky.”
One of the earliest major outages occurred in 1997 due to a glitch at Network Solutions Inc., a main registrar issuing domain names for websites. A misconfigured database crashed every single website ending in .com or .net, impacting around one million sites—a significant portion of the web at the time. While some businesses did experience losses, overall, the problems were minimal.
Fast forward 21 years, and the stakes are even higher. In 2018, a malware attack on the Alaskan community of Matanuska-Susitna took an array of digital services offline, affecting 100,000 people. “The cyber-attack, God help us, just about stopped everything,” local Helen Munoz told the BBC in 2019.
It took 10 weeks before the majority of Matanuska-Susitna’s systems came back online.
Global consequences of software updates
Sometimes, the problems start in the physical world.
For instance, Armenia’s internet connectivity once depended on a single fiber-optic cable running through Georgia. In 2011, an elderly woman scavenging for copper accidentally sliced through the cable with a spade, plunging Armenia into digital darkness. The woman was arrested, but later released due to her advanced age.
Engineers also contend with natural threats to undersea cables, such as shark attacks. Fiber-optic cables on the ocean floor have experienced problems since at least 1964 due to teeth marks from sharks, fish, and barracudas. To mitigate this, companies like Google now wrap their underwater cables in protective materials.
In Canada, a 2022 major outage at Rogers Communications, a key telecom provider, brought the country to a standstill, affecting emergency services, hospitals, and businesses. “A friend of mine literally missed the bar exam because she couldn’t get the exact address and room number for the test,” Kotak recalls. Internet shutdowns by governments are another significant threat.
Zach Rosson, a data analyst at Access Now, highlights that “since 2016, there have been over 1,500 internet shutdowns by governments, militaries, and police forces.” These shutdowns often accompany military or policing actions in countries like Bangladesh, Iran, Russia, and Venezuela, among others. Where internet connectivity depends on a single fiber-optic cable, it presents a glaring vulnerability. Despite decades of the internet integrating into daily life, Casey Oppenheim, chief executive at Disconnect, warns of the dangers of monopolistic control in the tech industry.
“The less diversity you have in any ecosystem, the more vulnerable you become,” Oppenheim says. He argues that the potential for catastrophic failures is amplified by “monopolistic forces” in the tech business. Reflecting on the lessons from the CrowdStrike event and other outages, it’s imperative to rethink the resilience and diversification of our digital infrastructure to guard against future disruptions.
Overall, the history of computing is littered with instances of digital fragility, reminding us of our dependence on this near-omnipresent network woven into the fabric of our lives.
Cameron is a highly regarded contributor in the rapidly evolving fields of artificial intelligence (AI) and machine learning. His articles delve into the theoretical underpinnings of AI, the practical applications of machine learning across industries, ethical considerations of autonomous systems, and the societal impacts of these disruptive technologies.
