Global internet outage - Disruption to airlines, banks, media and other businesses worldwide - July 19, 2024

DNA Solves
DNA Solves
DNA Solves

New Posts

My local natural gas company sent me a text message today informing me that their website was down and providing a phone number to call them if you had to contact them for customer service.

I went to the bank this afternoon and even though they were having PC related issues, they were able to take care of my banking needs.

I also went to the grocery store and paid cash for a couple of grocery items.

WBNS-TV in Columbus, Ohio reported during their 6:00 PM newscast that the outage caused a five hour delay for Columbus LE in issuing an statewide amber alert for a missing young child this morning who was found unharmed and safe before noon today.
 
What is the takeaway from this incident? I caught, only half, of what some talking head said on a show today that recommended that companies/orgs diversify with their tech security providers. Is that the issue? I am NOT tech savy so seriously asking. Is there not enough competition among the tech security industry? Would it be wise to not use one company for every location? LOL, I'm even confusing myself while typing. I guess my point is we now know how many huge companies were using Crowdstrike and who were dealing with the aftermath. Is that in itself a security problem? And should these companies diversify and are they able to?
I probably won't understand the answer so dumb it down please.
 
I still use both cash and radios, though the physical radio I use most often only gets internet radio stations.
I have a little pink Bush radio that I use in the bathroom. It's not an internet one. And it runs on batteries so if the power and/or internet is down I can still use it. As long as I have charged batteries, which I do have quite a few of.
I also have a Sony small radio that I don't use much anymore. It's also a battery one.

I've also been in the situation where a shops computer went down but i was okay because I had cash and was happy to not get change.
On another site I'm on there are quite a few people proud of the fact that they "haven't carried cash for years"


Not all of what was before the internet is of no value.
 
Last edited:
So many people I know, when something goes wrong, even if it's something small, they have to take it to someone to fix it.
I've fixed my own computers for years. When I got my first computer, I bought the Windows for Dummies book, then after I got more confidence, if something went wrong I googled and found the answer.

I've stopped trying to help my friends, I used to tell them simple stuff like turn the computer off then on again but it seems that even that was too scary

These friends sometimes ask me who I get to fix my computer.

My answer is ME :D

They could also do it themselves if they were only willing to try.
 
Eli9 said:
What is the takeaway from this incident? I caught, only half, of what some talking head said on a show today that recommended that companies/orgs diversify with their tech security providers. Is that the issue? I am NOT tech savy so seriously asking. Is there not enough competition among the tech security industry? Would it be wise to not use one company for every location? LOL, I'm even confusing myself while typing. I guess my point is we now know how many huge companies were using Crowdstrike and who were dealing with the aftermath. Is that in itself a security problem? And should these companies diversify and are they able to?
I probably won't understand the answer so dumb it down please.
Click to expand...
Most large companies have diversified their tech. They recognize the risk of cyber-terrorism. They have all had major tech failures. They remember the great electrical grid failure in Ontario and NE USA back in 2003. They know they are at risk of in-house tech sabotage. Cybersecurity and systems backup plans are a staple for large companies in key industries. It doesn't mean that their can't/won't be disruptions (like today) but it at least reduces their potentially horrendous impact. And, we now see that many companies got their services sorted out later in the day. For smaller companies it can be too large an expense to put in place these redundant systems and processes, and for many of them they aren't in 'critical' industries. But these are real challenges for these companies and their customers.

Of course that is small comfort to people that were impacted in serious ways today.
 
Eli9 said:
What is the takeaway from this incident? I caught, only half, of what some talking head said on a show today that recommended that companies/orgs diversify with their tech security providers. Is that the issue? I am NOT tech savy so seriously asking. Is there not enough competition among the tech security industry? Would it be wise to not use one company for every location? LOL, I'm even confusing myself while typing. I guess my point is we now know how many huge companies were using Crowdstrike and who were dealing with the aftermath. Is that in itself a security problem? And should these companies diversify and are they able to?
I probably won't understand the answer so dumb it down please.
Click to expand...

In my opinion there are a couple of different issues. First, there's the problem with how these updates are occurring automatically. We don't know the exact course of events that transpired here, but it sure seems like someone on the CrowdStrike QA team dropped the ball. Auto-updates need to go through an extremely stringent testing process before they are released to production. They need a testing environment that mimics actual real-world servers to ensure that their update isn't breaking anything. Techies know how to do this, the problem is that the MBA-types never want to spend the money to do it properly. It needs to be mandated somehow and a third party auditing firm should have to sign off on the rollout process. And, finally, rollouts should be staggered. Instead of doing all the updates at the same time, they should be done over the course of a few days. That may not always possible, especially when it's an urgent security patch, but in this case, even doing a few thousand machines and then waiting an hour to do the rest would have shown that the update was faulty.

The second issue, IMO, is Microsoft's. Right now, programs are allowed direct access to the system kernel. It's the only way to install certain low-level software. This needs to be changed so that a bad software update can't prevent a computer from rebooting. Apple addressed this a few years ago, and in general kernel extensions are not permitted in the Mac OS. (I'm not saying that Apple is perfect and there's no way to brick a Mac. But it's far too easy to do it in Windows with a piece of badly written code from a trusted source.) I don't know exactly how MS can fix this and it will probably take a huge re-write of the existing kernel which can bring on its own bugs and problems. But this problem is at least partly their fault for not being more proactive in trying to snuff out issues like this.
 
LeahBee said:
SBM
God I hope there's no fatalities and this doesn't happen again.
This is giving me flashbacks to 2022 (my fellow Canadians will know) of a massive tech outage we had nation-wide.
We lost internet, cable, public transportation, government services, debit machines, traffic lights, fire alarms/sprinkler systems, and 911 services.. and someone did die. It took 2 days to resolve this little maintenance whoopsie... apparently they've put solutions in place finally (almost the same thing happened a year prior) but I guess we will just have to wait and see what happens when another software update goes wrong.

2022 Rogers Communications outage - Wikipedia

en.m.wikipedia.org en.m.wikipedia.org
Click to expand...

I'm Canadian and I have no memory of that.
 
www.cp24.com

Global CrowdStrike disruption brings to mind lessons from 2022 Rogers outage

Canadians who woke up Friday to a worldwide technology outage that disrupted airlines, hospitals and banks may be thinking back to a widespread telecom outage from two years ago.
www.cp24.com www.cp24.com
July 19, 2024
''The July 2022 outage of Rogers Communications Inc.'s networks lasted more than 24 hours and affected more than 12 million customers while paralyzing communications across a number of sectors, including health care, law enforcement and the financial industry.'

''Two years ago, Canadians had a similar reminder of the interconnectedness of modern technology during the Rogers outage. In that case, communications were affected, which meant many 911 services couldn't receive incoming calls and debit transactions were paused when Interac was knocked offline.

Several hospitals reported being affected by the outages at the time.
Small business owners were among those hardest hit by the outage, which left them unable to process debit card payments''.
 
dotr said:
www.cp24.com

Global CrowdStrike disruption brings to mind lessons from 2022 Rogers outage

Canadians who woke up Friday to a worldwide technology outage that disrupted airlines, hospitals and banks may be thinking back to a widespread telecom outage from two years ago.
www.cp24.com www.cp24.com
July 19, 2024
''The July 2022 outage of Rogers Communications Inc.'s networks lasted more than 24 hours and affected more than 12 million customers while paralyzing communications across a number of sectors, including health care, law enforcement and the financial industry.'

''Two years ago, Canadians had a similar reminder of the interconnectedness of modern technology during the Rogers outage. In that case, communications were affected, which meant many 911 services couldn't receive incoming calls and debit transactions were paused when Interac was knocked offline.

Several hospitals reported being affected by the outages at the time.
Small business owners were among those hardest hit by the outage, which left them unable to process debit card payments''.
Click to expand...
Now I remember... everyone at the gas station was upset because it was cash only.
 
How embarrassing. An Aussie is President of Crowdstrike.
Maybe that is why we had so many outages.


Mike Sentonas, from Melbourne, is worth an estimated $225 million and is the global president of CrowdStrike.
Mr Sentonas joined the company in 2016 as vice president of technology strategy.
He served as chief technical officer from 2020 to 2023. He was promoted to president of the growing company last year after completing a computer science degree at Edith Cowan University in Perth.

Mr Sentonas gave a now-awkward interview earlier this year. He spoke about helping other companies deal with IT breaches and how they shouldn’t attempt to ‘trivialise’ any problems.
“If an organisation has been breached, I’ll often work with the team to coach them on how to deal with it,” he told The Age.

 
Last edited:
^^^ This article (linked above) gives steps to overcome the issue.


CrowdStrike has recommended people take the following steps as a workaround to the issue affecting PCs:

1. Boot in Safe Mode
2. Navigate to Windows\System32\drivers\CrowdStrike
3. Find and delete “C-00000291*.sys”
4. Reboot normally

Another solution is to restart the computer — although you may need to do this 15 times.

“We’ve received feedback from customers that several reboots (as many as 15 have been reported) may be required, but overall feedback is that reboots are an effective troubleshooting step at this stage,” a Microsoft spokesman said.
 
SouthAussie said:
How embarrassing. An Aussie is President of Crowdstrike.
Maybe that is why we had so many outages.


Mike Sentonas, from Melbourne, is worth an estimated $225 million and is the global president of CrowdStrike.
Mr Sentonas joined the company in 2016 as vice president of technology strategy.
He served as chief technical officer from 2020 to 2023. He was promoted to president of the growing company last year after completing a computer science degree at Edith Cowan University in Perth.

Mr Sentonas gave a now-awkward interview earlier this year. He spoke about helping other companies deal with IT breaches and how they shouldn’t attempt to ‘trivialise’ any problems.
“If an organisation has been breached, I’ll often work with the team to coach them on how to deal with it,” he told The Age.
Click to expand...

ohhhhh. Maybe you are right.
It did seem like so much more in Australia...
 
You must log in or register to reply here.

DNASolves

Who is Escambia County John Doe (1989)?

Members online

... and 106 more.
Total: 1,990 (members: 107, guests: 1,883)

Online statistics

Members online
107
Guests online
1,883
Total visitors
1,990
Totals may include hidden visitors.

Forum statistics

Threads
600,155
Messages
18,104,696
Members
230,991
Latest member
lyle.person1
Back
Top