1 corrupt file = 8.5 million blue screens of death

Thom Benny

July 29, 2024


Houston, we have a software problem

Dear Reader,

On December 31, 1999, the world stood at the brink of ruin.

The computers that ran the planet could only record the date down to two digits.

Instead of 1999, it was 99, and it couldn’t go any higher.

The fear was that when the new year rolled over, the machines wouldn’t be able to compute the new date correctly.

Everything would stop. The myriad systems the computers supported — electricity, transport, banking, everything — would collapse on the stroke of midnight, plunging the world into a new dark age.

The Year 2000 Problem, or Y2K, of course, amounted to very little.

A handful of quirky consequences cropped up, like this welcome screen display at a school in France:


Party like it’s 1900 (source)

It’s perhaps difficult to believe we could have been so worried about a couple of zeroes collapsing everything.

But this month, the world got a reminder of just how reliant we are on computers.

Channel File 291 and the blue screen of death

Texas-based CrowdStrike is a large cybersecurity firm that’s played a pivotal role in tracing and exposing some of the highest-profile cyberattacks of the past decade.

On July 19, they pushed a software update to clients all over the world.

Airlines, hospitals, banks, emergency services.

The update package, to CrowdStrike’s Falcon Sensor product, included a change to a configuration file called Channel File 291.

Channel File 291 doesn’t have quite the same ring to it as Y2K, or the Millennium Bug, but it wreaked about as much havoc on the world as we all feared back in late 1999.

It was this part of the Falcon Sensor update that triggered a ‘logic error’.

The error crashed the entire Windows operating system running on all the machines in question (while everyone working in cafés has a MacBook, the entire commercial world pretty much runs on Microsoft).

Thus, the world got a critically high dose of this:


The blue screen of death sweeps the West (source)

All the machines running the CrowdStrike product entered a ‘bootloop’, rendering them completely unusable.

The scale of the failure meant that commercial flights, television broadcasters, banking and healthcare services and even emergency call centres ceased to operate.

For millions and millions of people, the digitally-dependent world froze.

The disruption was vast and severe.

Cybersecurity consultant Troy Hunt called the incident the ‘largest IT outage in history… basically what we were all worried about with Y2K, except it’s actually happened’.

Twenty-four years post Y2K, we were finally living the nightmare — all because of a file in a cybersecurity update package.

The damage wasn’t limited to the 8.5 million PCs and the many-times-more people trying to travel, or bank, or access healthcare or emergency services on July 19.

Businesses relying on the crashed computers took heavy losses.



By the end of that day, CrowdStrike shares (listed on the NASDAQ) were down 11%.

At the time of writing, they’re down 32% from the all-time high they’d reached just a few weeks prior to the blue screen crisis.

Still, CrowdStrike is trading nearly 7% up for the year. Let’s see if that lasts.


CrowdStrike share price

And the fallout extends farther still.

Elon Musk shared on X that CrowdStrike has been ‘deleted from all our systems’.


AirAsia CEO Tony Fernandes demanded answers and compensation for millions of dollars in revenue.

CrowdStrike’s competitors seized on the company’s failure and the resulting PR fallout to promote their own products.

Shortly afterward, the cybercriminals that companies like CrowdStrike aim to guard against started sending phishing emails purporting to come from CrowdStrike support, and impersonating CrowdStrike staff in phone calls.

So the CrowdStrike crash reverberated far beyond the blue screen of death and the share price bloodbath.

Eliminating single points of failure

Mike Jude, research director at leading market intelligence firm International Data Corporation, reckons all of CrowdStrike’s competitors face the same vulnerabilities.

Cybersecurity firms have to push updates frequently. Otherwise, they risk falling behind new threats, which emerge constantly in the world of cybercrime.

‘This outage illustrates just how dependent we have become on cybersecurity solutions.’

— Mike Jude

Goldman Sachs analysts wrote that customers generally understood that it’s a question of when — not if — these incidents would happen.

The tone of resignation probably stems, in part, from the centralized nature of the CrowdStrike network.

One update. One product. Same operating system. More than eight million machines — and many times more people — impacted.

So what’s the alternative?


Many in the crypto and blockchain communities were quick to point out that over-reliance on centralized digital networks creates precisely these types of vulnerabilities.

One minute, you’re running your check-in counter, or bank, or hospital system like normal, and the next you’re facing the blue screen of death and unprecedented chaos and confusion.

According to SunnySide Digital founder and CEO, Taras Kulyk, the blockchain industry’s infrastructure of choice, Linux, offers immunity to such vulnerabilities.

According to Kulyk, Linux operates on the same principles as Bitcoin and the wider blockchain world: privacy, decentralization and individual empowerment.

Bitcoin ‘was completely unaffected because most, if not all, Bitcoin miners are using Linux-based frameworks’, Kulyk said in an interview.

‘Banks globally have been shutting down because of this server issue, and yet, Bitcoin keeps hashing.’

Pro-crypto Senator Cynthia Lummis also noted that blockchains remained up and running during the CrowdStrike saga.


Vires in Numeris means ‘strength in numbers’ — a reference to the thousands of validator nodes that validate Bitcoin transactions.

Decentralization is a key promise for cryptocurrency and blockchain.

Decentralization in technology aims at providing a ‘trustless environment’ — one in which the network’s members reject any altered or corrupted data.

This form of network can also improve data reconciliation, reduce points of weakness, and reduce the likelihood of catastrophic failure — such as that inflicted by Channel File 291.

Quote of the week

‘Never trust a computer you can’t throw out a window.’

Steve Wozniak

That’s it for this week’s The Benchmark email.


Invest in knowledge,

Thom
Editor, The Benchmark
