Microsoft outage shut down the world. We need to be prepared for potential cyber attacks

In July, an unassuming bug was pushed onto Microsoft Windows systems around the world. This bug crippled digital infrastructure from MRIs to 911 services to airlines and hospitals. If it ran on Windows, it was brought to its knees, and our modern convenience with it.

Living a life filled with technologies helps provide conveniences to our everyday lives like starting our cars remotely, opening locks to our homes, accessing online banking and countless other benefits that help save steps in our day.

We live in a connected world which brings with it many conveniences − and threats.

These automated functions brought to us by an interconnected world have also introduced vulnerabilities to our lives that we never could have imagined or seen coming just a decade ago.

CrowdStrike outage put our vulnerabilities on display

While this recent cyber event that took down servers and windows devices around the globe was not a cyber attack, the impact this event had should make us all think about what would happen should we lose some or all the technologies that have become a ubiquitous part of our everyday lives.

An error appears on the monitors inside the McNamara Terminal in Detroit Metro Airport on Friday morning, July 19, 2024. A Microsoft computer update caused significant delays for several airlines, impacting flights at the airport.
An error appears on the monitors inside the McNamara Terminal in Detroit Metro Airport on Friday morning, July 19, 2024. A Microsoft computer update caused significant delays for several airlines, impacting flights at the airport.

When any type of negative cyber event occurs, kinetic events are sure to follow. We heard stories about one of the largest international airports having to quickly move to manually written boarding passes for airlines this week and for a period some hospitals stopped elective surgeries. More stories will continue to be told. In minutes we were forced to exchange automated functions with “old school interactions”, more phone calls vs. texting and impromptu physical meetings that had to substitute for email.

These are just a few of the experiences we witnessed these past few days. Fortunately, it wasn’t a cyber attack and with some emergency services and hospital procedures knocked offline, it is a miracle we haven’t heard of a great loss of life.

But we should take note. In my professional life, I work to help our lawmakers and policy experts ask the right questions about cyber protections and risk postures of the agencies and entities that support millions of citizens.

Nation states and other bad actors spend countless hours looking at how they might disrupt and destroy our way of life, and what makes events like this even more significant is that there is no doubt these groups are taking note and mapping out the cascading impact we experienced this week.

We need to be prepared for possible cyber attacks

We should all take note of the dependence we have on our own technologies. It would be difficult, if not impossible, to rid ourselves of the tools which govern our lives, but what is even more important is that we have “situational awareness.” Are we prepared as individuals, families, and communities to function if cell service is out for a period, or if the power grid gets hit with a cyber attack?

Forward leaning corporations and government entities spend time and resources doing emergency preparedness drills just in case such a scenario exists. However, clear weaknesses were exposed these past few days. While organizations will work to close gaps and vulnerabilities that may exist in our infrastructure, we as individuals should do the same.

A blue Windows error message caused by the CrowdStrike software update is displayed on a screen in a bus shelter on July 22, 2024 in Washington, DC.
A blue Windows error message caused by the CrowdStrike software update is displayed on a screen in a bus shelter on July 22, 2024 in Washington, DC.

Emergency preparedness isn’t just for those who are focused on the worst-case scenario. We should all know how we will communicate with family members in the event of a loss of cell coverage. We should all know how we would sustain ourselves without access to banking information or ATMs.

We should all pay attention to how dependent we are on technology and look at not only what privacies we are giving up, but how we might survive and continue to thrive in the event of another major cyber event.

Tom Guarente
Tom Guarente

Tom Guarente serves as the vice president of external and government affairs for a global cybersecurity firm and has become a leading advocate for raising awareness around the impact cyber events can have on agencies, organizations, and communities. Guarente has over 35 years of technology and cybersecurity experience and lives in Brentwood, Tennessee.

This article originally appeared on Nashville Tennessean: Crowdstrike outage affecting Microsoft reveals cybersecurity flaws

Advertisement