Before continuing, leave a like! And then, if you want, let me know what you think of this article in the comments. - Matte
This morning, many companies around the world woke up to a nasty case of BSOD (Blue Screen of Death): numerous Windows-based endpoints (PCs) worldwide have stopped functioning, from the United States to Japan, passing through India, and finally reaching Europe.
The blame for this global blackout is not on Microsoft, as some outlets have reported, but appears to be on a company called CrowdStrike, which produces, among other things, an Endpoint Detection and Response (EDR) platform called Falcon. This platform uses artificial intelligence to detect anomalies and attacks, responding autonomously.
Falcon is essentially an advanced antivirus that leverages AI to analyze billions of data points, identify endpoint anomalies, and take appropriate action. There are several such platforms, but as far as I know, this is the first time something like this has happened.
The issue lies in the fact that the Falcon sensor, possibly due to a software update, prevents the operating system from loading correctly, as if it were a threat.
This has led to the infamous BSOD and the blackout of many systems, which for now can only hope for a quick fix from CrowdStrike, a company that meanwhile is not having a great time.
There are already some tips online on how to fix the problem independently, but we’ll leave that to the brave system administrators who will undoubtedly be able to handle it.
Dress Rehearsal for a Cyber Pandemic
According to reports, numerous critical global services are completely blocked: mass media, airports, stations, and banks.
As reported by various sources, American Airlines, Delta Airlines, and United Airlines have decided to ground all flights worldwide until the problem is resolved. The same seems to be happening at Spanish and German airports.
Similar news is coming from railway stations with huge delays and from many other logistics services; even emergency 911 services in America are reportedly having problems.
This event, ironically caused by an antivirus rather than a virus, shows the fragility of global IT systems — constantly on the brink of a total crash.
The interconnection of our technological infrastructures, communication systems, and critical infrastructures exposes our entire society to a cyber Black Swan. This is what the World Economic Forum during the Covid period called the risk of a “Cyber Pandemic.”
Ready for the Cyber Pandemic?
By a Cyber Pandemic, we mean a single event that could trigger a chain reaction worldwide. People, companies, and entire states could be victims of this domino-effect disaster.
The effects should not be underestimated: what happens if all the endpoints at numerous airports worldwide suddenly stop functioning? And what happens if it’s the transit train management systems and level crossings that suddenly stop working?
And if these service interruptions, already dangerous on their own, were exploited by cybercriminal groups (often also funded by various governments) to attack strategic targets? Better not to think about it...
How would you react in case of a cyber pandemic?
I hope no serious incidents occur, but one thing is certain: a global crash of this kind, albeit (hopefully) extremely limited in time, will cause enormous economic damage to all involved parties. Financial markets could also be affected: we know that a single piece of bad news is often enough to trigger an unexpected sell-off.
Reacting to such a scenario is not easy. I tried to imagine it last December, and indeed in my mind, the start of a cyber pandemic, from the perspective of an ordinary person, began just like this…
Resilience is a Myth
In light of what is happening today, due to a trivial configuration problem of an EDR platform, it is worth reflecting on the direction our governments are taking on digital issues.
It is already serious enough to have all critical and communication systems interconnected, constantly on the verge of a global crash with a domino effect. Are we sure we want to tie our money (for example, with the digital euro) and our identity (soon to be digitalized) to the same systems?
Lawmakers use pompous words like resilience, and countless cybersecurity laws are issued every year (much to the delight of GRC consultants).
But we know, or should know: the law guarantees nothing. The law is a piece of paper (digitized too). Resilience is a fairy tale told by bored old men in Parliaments. IT systems are fragile by definition.
Maybe digitizing *everything* is not such a great idea after all.