This Science News Wire page contains a press release issued by an organization and is provided to you "as is" with little or no review from Science X staff.

IT outage causes issues across the globe: cyber resilience researchers react

July 19th, 2024 Meg Cox
cyber
Credit: Pixabay/CC0 Public Domain

Andrew Peck, a cyber resilience Ph.D. researcher at Loughborough University who, prior to joining the institute, had a career delivering IT solutions to big industry, healthcare and government, and Professor Oli Buckley, an expert in cyber security, have reacted to the IT outage news.

"Waking up to discover that chunks of the infrastructure we rely on are not functional is a seemingly increasing feature of the cyber-physical infrastructure that modern economies and societies depend on", said Andrew.

"There are two points worth considering here. The first is a perspective on resilience. Cyber resilience asks, 'how do we survive something going wrong?', whereas cyber security asks 'how do we stop something bad happening?'.

"Companies that still don't have these strategies in place will be watching the relative success of their rivals today and realising that this has to become part of what they do.

"The second thing to consider is the cause of the crash today. The outage appears to be caused by a poorly written update from a cyber security vendor.

"The measure in terms of resilience is not what has happened, but what CrowdStrike do in response.

"CrowdStrike will have shifted from 'security' to 'resilience' mode in a heartbeat as the success or failure of their business depends now on how well they manage their responsibilities and client communications.

"Whilst this outage is theirs to own, their solutions have prevented similar incidents many times over and they have a lot of goodwill and a strong reputation which should let them weather this."

So, what can be done to prevent this happening again?

"It highlights the important work to be done at a government and policy level", Andy said.

"I expect UK Government ministers and their advisers that are about to start drafting the Cyber Security and Resilience Bill—announced in the King's speech—to be watching this incident closely to work out what mandatory frameworks and measures they want to make part of UK law going forward to insulate the economy and society from shocks like this.

"It's important to note that this incident doesn't appear to be malicious, and I'd expect to see the Bill account for that with requirements for governance, oversight and checks within our digital supply chains in the same way that legislation around GDPR defines and places responsibility on data controllers and processors."

A "critical gap"

Professor Oli Buckley, a Professor in Cyber Security, commented: "CrowdStrike's recent update issues highlight a critical gap: while experienced users can implement the workaround, expecting millions to do so is impractical.

"The real challenge lies in deploying the workaround across all affected systems—a non-trivial task demanding coordinated efforts, so a proper patch can be put in place.

"Additionally, it looks like a config file error rather than a code update and it seems to be mainly impact CrowdStrike Falcon.

"This an Endpoint Detection and Response Platform, and has had the knock on impact of affecting those running Microsoft software. As we are incredibly reliant on Microsoft products this is causing such widespread issues.

"Ironically, Falcon's role is to protect devices from cyber threats by monitoring for intrusions or suspicious activity and then it should block it.

"This is a complex bit of software that can update the way a system behaves to try and keep them safe from attack."

More information:
Loughborough is one of the country's leading universities, with an international reputation for research that matters, excellence in teaching, strong links with industry, and unrivalled achievement in sport and its underpinning academic disciplines.

It has been awarded five stars in the independent QS Stars university rating scheme, named the best university in the world for sports-related subjects in the 2024 QS World University Rankings – the eighth year running – and University of the Year for Sport by The Times and Sunday Times University Guide 2022.

Loughborough is ranked 6th in The UK Complete University Guide 2025, 10th in the Guardian University League Table 2024 and 10th in the Times and Sunday Times Good University Guide 2024.

Loughborough is consistently ranked in the top twenty of UK universities in the Times Higher Education's 'table of tables', and in the Research Excellence Framework (REF) 2021 over 90% of its research was rated as 'world-leading' or 'internationally-excellent'. In recognition of its contribution to the sector, Loughborough has been awarded seven Queen's Anniversary Prizes.

The Loughborough University London campus is based on the Queen Elizabeth Olympic Park and offers postgraduate and executive-level education, as well as research and enterprise opportunities. It is home to influential thought leaders, pioneering researchers and creative innovators who provide students with the highest quality of teaching and the very latest in modern thinking.

Provided by Loughborough University

Citation: IT outage causes issues across the globe: cyber resilience researchers react (2024, July 19) retrieved 24 November 2024 from https://sciencex.com/wire-news/482834032/it-outage-causes-issues-across-the-globe-cyber-resilience-resear.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.