Thursday, July 25, 2024

Windows/CrowdStrike Outage: The Most Important Lesson


 
 JULY 23, 2024

Photograph Source: Smishra1 – CC BY-SA 4.0

On July 19, users of about 8.5 million Windows machines worldwide faced the dreaded “Blue Screen of Death.” As I write this column, many remain down. Microsoft has issued a manual fix for machines that aren’t able to automatically recover, but it’s a black eye for Microsoft and for CrowdStrike, the cybersecurity firm whose faulty software update caused the outages.

While 8.5 million may not seem like a lot of machines in the scheme of things (about a billion and a half PCs run Windows 10/11, not counting older versions of the operating system), it wasn’t the number so much as the user identity that mattered.

The victims weren’t, for the most part, kids playing Minecraft. They were corporate customers — airlines, banks, hospitals, hotels. Flights were canceled. Account holders couldn’t access their bank accounts online. Surgeries were postponed.

My knee-jerk reaction, I confess, was: Well, yeah … NEVER trust Windows or CrowdStrike (I’m a long-time Linux user and consider CrowdStrike’s close relationship with, and willingness to manufacture cybersecurity scams for, the Democratic Party suspect).

But I quickly realized that WAS just a knee-jerk response. The real lesson is: Widespread and exclusive reliance on single systems is a bad idea.

This outage didn’t affect macOS, it didn’t affect Linux (and variants such as ChromeOS), and it didn’t affect cybersecurity software other than CrowdStrike’s product.

It did, however, affect the CUSTOMERS of businesses using the Windows/CrowdStrike combo on centralized systems.

For example, four US airlines had to cancel flights.

Why were they all using the same OS/security software combo?

And why didn’t they have backup systems, running different OSes and different security software, that could be quickly brought online to work from the same data sets as the usual systems if something like this happened?

Over the last few years, we’ve seen lots of loud calls for government to impose various top-down, one-size-fits-all “cybersecurity” solutions.

This outage demonstrates the problem with that idea. Various government operations, including 911 call centers, fell victim to the problem. Requiring private sector entities to use government-approved “solutions” would expose even more users to problems hitting those “solutions.”

In the future, we can expect more, not fewer, collapses of computer systems and networks. Putting all our eggs in one operating system / cybersecurity basket is just asking for worse and more widespread disruption.

Unfortunately, as an individual user, you remain continually vulnerable to mistakes and poor decisions made upstream from your home PC desktop.

Thomas L. Knapp is director and senior news analyst at the William Lloyd Garrison Center for Libertarian Advocacy Journalism (thegarrisoncenter.org). He lives and works in north central Florida.

Big Tech Consolidation Amplified the CrowdStrike Outage


On Friday, an update to a cybersecurity program took down Microsoft systems across the globe. Microsoft has resisted efforts to regulate a root cause of this chaos: the concentration of digital infrastructure in the hands of a few tech giants.
July 22, 2024
Source: Jacobin


A little more than a year before Microsoft’s systems crashed on Friday, creating global chaos in the banking, airline, and emergency service industries, the company pushed back against regulators investigating the risks of a handful of cloud services companies controlling the world’s technological infrastructure, according to documents we reviewed.

“Regulators should carefully avoid any intervention that might disturb the competitive offerings that have promoted the explosive innovation and growth attributable to the cloud,” the company wrote in response to the Federal Trade Commission’s 2023 review of cloud computing companies’ security practices and interoperability protocols.

The agency questioned whether these companies “invest sufficient resources in research and development” of systems upon which the economy and government rely.

Microsoft is blaming this week’s global cloud outages on an update from CrowdStrike, a cybersecurity firm whose software protects against hacks. The debacle comes two days after federal agencies released new guidance sounding additional alarms that Big Tech’s consolidation of cloud services could put consumers at serious risk. It also comes one day after Microsoft’s cloud services experienced a separate outage in certain parts of the United States.

“This is a CrowdStrike-caused outage. It would be inaccurate to report this as a Microsoft outage,” the company said in a statement. “A CrowdStrike update was responsible for bringing down a number of IT systems globally. We are actively supporting customers to assist in their recovery.”

CrowdStrike did not respond to a request for comment.

“All too often these days, a single glitch results in a system-wide outage, affecting industries from healthcare and airlines to banks and auto-dealers,” posted Lina Khan, Federal Trade Commission chairwoman, whose agency spearheaded the probe of the cloud computing industry. “Millions of people and businesses pay the price. These incidents reveal how concentration can create fragile systems.”

At the root of the problem, regulators and researchers say, is Big Tech’s consolidation of cloud services, a technology that allows consumers to store computer information in massive data centers rather than storing it on-site. Just three companies — Amazon, Microsoft, and Google — control 65 percent of the cloud market, according to a report released on July 18 by CloudZero, a cost management platform.

Microsoft and CrowdStrike also dominate the endpoint security market, which ensures cybersecurity for devices like desktops, laptops, and mobile devices. As of 2022, the two companies controlled more than 30 percent of the market.

This consolidation helped allow a simple error to spiral on Friday.

“We had this cascading failure of all of these businesses, banks, the London Stock Exchange, all of these airlines had to be grounded, because of this one mistake,” said Zane Griffin Talley Cooper, a researcher at the University of Pennsylvania studying digital infrastructure. “And it’s because the internet has become so centralized in the hands of four or five big companies.”

“With that model, catastrophic failures like this are going to be increasingly common,” he added.

Regulatory Scrutiny Intensifies

In March 2023, the Federal Trade Commission announced a wide-ranging survey of the business practices of cloud providers. The agency looked at “market power, business practices affecting competition, and potential security risks,” soliciting comments from companies and the public.

In its response to the Federal Trade Commission’s probe, Microsoft claimed the marketplace for cloud services remains robust, and warned that regulations may affect “billions of dollars” in investments.

The company also suggested that the Federal Trade Commission’s intervention would “run the risk of impacting the quality of these solutions and the pace of innovation, and ultimately disadvantaging American companies on the global stage,” Microsoft wrote.

Public Citizen, a consumer advocacy nonprofit, warned the Federal Trade Commission in 2023 that the market dominance of Amazon, Microsoft, and Google over the cloud services sector is a threat to the economy.

“Single point dependency on a cloud provider is a structural weakness for the entire economy with the potential to cause more consumer harm in the future,” the group wrote in June 2023.

On Wednesday — just two days before the global outage — the Department of the Treasury, along with the Consumer Financial Protection Bureau and other federal agencies, cautioned that the industry’s deep reliance on a small handful of cloud service providers left it vulnerable to widespread outages and disruptions.

The Treasury also released a suite of guidance for banks and financial institutions, following its report from last February that raised an alarm about the potential risks of the highly consolidated market. The report advised that a failure like the one on Friday “could impact multiple financial institutions or U.S. consumers,” and recommended additional oversight, like inspecting third-party service providers.

The Consumer Financial Protection Bureau’s chief, Rohit Chopra, said on Friday that the failures are just a glimpse of the havoc that could be wreaked by this kind of outage in the financial sector. His agency has warned that in the future, such events could further “freeze parts of the payments infrastructure or grind other critical services to a halt.”

“There are just a handful of big cloud companies where so much of the economy is now resting on,” Chopra said on CNBC. “We’re getting a taste of some of the potential effects of a real reliance of sectors across the economy relying on a handful of cloud companies and other key systems.”

Friday’s outage was just a preview, he said, of what could go wrong in extreme cases of corporate consolidation and deregulation.

“Break Up This Cloud Consortium”

First reports of the outage surfaced early Friday morning, as computers running on Microsoft’s Windows operating system went down all at once. The issue traced back to a system update that was pushed by a company called CrowdStrike, a cybersecurity provider that is used to protect against hackers in a wide range of sectors, from airlines to banking — and was previously known for its involvement in the 2016 investigation into Russia’s hack of the Democratic National Committee.

CrowdStrike quickly said it had identified the problem with the update and began pushing a solution, but added that the fixes could take hours.

“We are aware of this issue and are working closely with CrowdStrike and across the industry to provide customers technical guidance and support to safely bring their systems back online,” Satya Nadella, Microsoft’s CEO, posted on X.

Microsoft, which was one of the early pioneers of cloud computing software, controls a staggering 85 percent of federal productivity software, and even more of its operating system.

Yet the Big Tech giant has a history of pushing back against cybersecurity measures. In 2016, the Federal Reserve, the Office of the Comptroller of the Currency, and the Federal Deposit Insurance Corporation released a joint rulemaking notice regarding the need for increased regulations on “enhanced cyber risk management standards for large and interconnected entities.”

The proposed rule would have “significant consequences not only for the financial services industry but also for third-parties like Microsoft,” the company wrote in a comment letter. It also raised concerns about the new rules, and added that cloud service providers offer better service and cybersecurity than traditional on-site storage centers.

The rule was withdrawn in March 2019.

Agencies and Congress have repeatedly tried and failed to strengthen cybersecurity regulations. Within the past three years, lawmakers have introduced at least four legislative initiatives to address these concerns, though none have been adopted so far.

This February, the federal Cybersecurity and Infrastructure Security Agency also announced it was renewing a task force charged with managing risks to the global information and communications technology supply chain, crucial for protecting computer hardware, software, and applications.

The companies themselves were seemingly aware of the potential threat caused by an overreliance on cloud-based systems.

In a 2023 comment letter to the Consumer Financial Protection Bureau about a proposed rulemaking to tighten personal data restrictions, CrowdStrike — the cybersecurity company responsible for Friday’s data breach — argued that the biggest risk to cybersecurity was not software supply chain issues, but hackers.

“It is our view that perhaps the most significant threat to data comes from bad actors operating unlawfully, leading to data breaches, cyberattacks, exploits, ransomware attacks and other exposure of consumer data,” CrowdStrike wrote.

CrowdStrike echoed their concerns about the dangers of hackers and resulting system failures in their most recent annual 10-K report. The company told investors that the “consolidation of siloed products” was a concern because “integrating and maintaining numerous products, data and infrastructures across highly distributed enterprise environments” created “blind spots that hackers can exploit.”

Microsoft, in its 2023 annual report to shareholders, also expressed that “providing [their] customers with more services and solutions in the cloud puts a premium on the resilience of [their] systems.”

But the companies have worked hard to keep regulators from taking steps to address these risks.

Microsoft is one of the country’s top spenders on lobbying, ranking in the top one hundred of corporations. So far this year, the company spent more than $5 million on campaign donations and lobbying lawmakers and regulators. Microsoft lobbied Congress, the Federal Trade Commission, the Treasury Department, the Executive Office of the White House, and other regulators on “policy issues in cloud computing,” among other issues, disclosures show.

“What we really need,” said Cooper, the University of Pennsylvania researcher, “is regulators to break up this cloud consortium of four or five companies and help distribute management of the internet backbone through a host of different companies.”



Sudan in Peril

 

JULY 25, 2024

Image by ammar nassir.

The brutal and seemingly intractable conflict taking place in Sudan appears to have no end in sight. According to the UN, large parts of Sudan have been impacted by the fighting, after hostilities involving heavy weapons and fighter jets spread from the capital, Khartoum, to other regions and states including the Darfurs, located in the west of the vast country.

Sudan’s war broke out in April 2023 when the military tried to subdue the Rapid Support Forces.

Since then, fighting has ravaged much of the country, including the capital Khartoum. At least 15,500 people had been killed by June 2024. Over 25 million have been pushed into acute hunger, according to the United Nations and the nonprofit war monitor ACLED.

According to the UN refugee agency, UNHCR, there are about 10 million internally displaced people in Sudan, making it the country with “the largest internally displaced population ever reported.”

Four million of the displaced are children, according to UNICEF.

“Child displacement goes along with multiple other crises as a result of the war,” said Mandeep O’Brien, UNICEF’s country representative for Sudan. “Children face disease, malnutrition and hunger and close to 8.9 million are acutely food insecure.”

According to a report in The Guardian, a further two million people have fled to neighboring countries. Chad and South Sudan have received the largest numbers of refugees, followed by Egypt and Ethiopia.

The Guardian report noted that El Fasher, the last major government-held city in the vast western Darfur region, is home to tens of thousands of refugees who have fled brutal RSF offensives. In recent months, people living in the city have endured a tightening RSF siege and daily indiscriminate fire.

According to a UN World Health Organization (WHO) official, “The situation in Darfur is particularly alarming, where in places like El Fasher…the wounded cannot get the urgent care they need; children and pregnant and breastfeeding women are weak due to acute hunger.”

“All refugees I met said the reason why they fled Sudan was hunger,” said WHO country director Dr. Shible Sahbani to reporters after visiting refugees from Darfur, the source of half of the displaced population, in Chad.

Existing healthcare stockpiles have been used to supply a few hospitals in El Fasher, but “it’s not enough and it’s not sustainable”, Sahbani insisted, adding that the UN aid coordination office, OCHA, was continuing to negotiate with the various parties at war to allow relief supplies to be trucked in wherever possible.

According to the UN, humanitarian access and protection of civilians are among the main points under discussion at the UN-led talks between representatives from the Sudanese Armed Forces and the paramilitary Rapid Support Forces that began last week in Geneva, under the leadership of the UN Secretary-General’s Personal Envoy for Sudan, Ramtane Lamamra.

UN Geneva spokesperson Alessandra Vellucci told journalists that both delegations were “engaged” and that Lamamra and his team have had several interactions with each throughout the weekend.

Notwithstanding the discussions, millions of people continue to suffer from disease, malnutrition, and hunger.

Certain steps must be taken immediately to prevent this tragedy from continuing and worsening.

First, international bodies like the UN, African Union (AU), and regional organizations should engage in active mediation between conflicting parties.

The United States and European Union should impose sanctions on those individuals and entities fueling the conflict. At the same time, incentives should be introduced for those who commit to peace and reconciliation.

The US, EU, and surrounding African countries should commit and act immediately to increase humanitarian aid and provide food, water, shelter, and medical care to the Sudanese population in safe areas.

To fully protect the millions of civilians suffering in this conflict, the US and EU should consider immediately deploying international peacekeeping forces to provide protection in volatile regions as well as in the safe zones.

Using a carrot and stick method, efforts should be made to implement disarmament, demobilization, and reintegration (DDR) programs for RSF combatants to reduce the number of armed forces and reintroduce them back into civilian life.

Without serious intervention by the international community, Sudan will continue to spiral out of control and it is the civilians who will suffer the most.

Chloe Atkinson is a climate change activist and consultant on global climate affairs.


NATO Accelerates Its Conflict With China


 
 JULY 22, 2024

At the North Atlantic Treaty Organization (NATO) summit in Washington, the focus was on Ukraine. In the Washington Declaration, the NATO leaders wrote, “Ukraine’s future is in NATO.” Ukraine formally applied to join NATO in September 2022, but soon found that despite widespread NATO support, several member states (such as Hungary) were uneasy with escalating a conflict with Russia. As early as NATO’s 2008 Bucharest Summit, the members welcomed “Ukraine’s and Georgia’s Euro-Atlantic aspirations for membership in NATO. We agreed today that these countries will become members of NATO.” However, the NATO council hesitated because of the border dispute with Russia; if Ukraine had been hastily brought into NATO and if the border dispute escalated (as it did), then NATO would be dragged into a direct war against Russia.

Over the last decade, NATO has expanded its military presence along Russia’s borders. At the NATO summit in Wales (September 2014), NATO implemented its Readiness Action Plan (RAP). This RAP was designed to increase NATO’s military forces in Eastern Europe “from the Baltic Sea in the north to the Black Sea in the south.” Two years later, in Warsaw, NATO decided to develop an enhanced Forward Presence (eFP) in the Baltic Sea area with “battlegroups stationed in Estonia, Latvia, Lithuania, and Poland.” The distance between Moscow and the border regions of Estonia and Latvia is a mere 780 kilometers, which is well within the range of a short-range ballistic missile (1,000 kilometers). In response to the NATO build-up, Belarus and Russia conducted Zapad 2017, the largest military exercise by these countries since 1991. Reasonable people at that time would have thought that de-escalation should have become the priority on all sides. But it was not.

Provocations from the NATO member states continued. After Russia invaded Ukraine in 2022, the NATO countries settled on a course of fully backing Ukraine and preventing any negotiations toward a peaceful settlement of the dispute. The United States and its NATO allies sent arms and equipment to Ukraine, with U.S. high military officials making provocative statements about their war aims (to “weaken Russia,” for instance). Ukrainian discussions with Russian officials in Belarus and Turkey were set aside by NATO, and Ukraine’s own war aim (merely for Russian forces to withdraw) was ignored. Instead, NATO countries spent billions of dollars on weapons and watched on the sidelines as Ukrainian soldiers died in a futile war. On the sidelines of the NATO summit in Washington, Royal Netherlands Navy Admiral Rob Bauer, who is the chair of NATO’s Military Committee, told Foreign Policy, “The Ukrainians need more to win than just what we have set up.” In other words, the NATO states provide Ukraine with just enough weapons to continue the conflict, but not to change the situation on the ground (either by a victory or a defeat). The NATO states, it seems, want to use Ukraine to bleed Russia.

Blame China

NATO’s Washington Declaration contains a section that is puzzling. It says that China “has become a decisive enabler of Russia’s war against Ukraine.” The term “decisive enabler” has attracted significant attention within China, where the government immediately condemned NATO’s characterization of the war in Ukraine. China’s Foreign Ministry spokesperson Lin Jian said that NATO’s statement “is ill-motivated and makes no sense.” Shortly after Russian troops entered Ukraine, China’s Wang Wenbin of the Foreign Ministry said that “all countries’ sovereignty and territorial integrity should be respected and upheld.” This is precisely the opposite of cheerleading for the war, and since then China has put forward peace proposals to end the war. Accusations that China has supplied Russia with “lethal aid” have not been substantiated by the NATO countries, and have been denied by China.

Lin Jian asked two key questions at the July 11, 2024, press conference in Beijing: “Who exactly is fueling the flames? Who exactly is ‘enabling’ the conflict?” The answer is clear since it is NATO that rejects any peace negotiations, NATO countries that are arming Ukraine to prolong the war, and NATO leaders who want to expand NATO eastwards and deny Russia’s plea for a new security architecture (all of this is demonstrated by German parliamentarian Sevim Dağdelen in her new book on NATO’s 75-year history). When Hungary’s Viktor Orban—whose country holds the six-month presidency of the European Union—went to both Russia and Ukraine to talk about a peace process, it was the European states that condemned this mission. Ursula von der Leyen, president of the European Commission, responded with a harsh rebuke of Orban, writing that “Appeasement will not stop Putin.” Alongside such comments come further promises by the Europeans and the North Americans to provide Ukraine with funds and weapons for the war. Strikingly, the new NATO Secretary General Mark Rutte even allowed Ukraine to use an F-16 jet from the Netherlands given to Ukraine when Rutte was the prime minister of that country to strike Russian soil. That would mean that weapons from a NATO country would be used directly to attack Russia, which would allow Russia to strike back at a NATO state.

NATO’s statement that characterizes China as a “decisive enabler” permitted the Atlantic alliance to defend its “out of area” operation in the South China Sea as part of its defense of its European partners. That is what permitted NATO to say, as outgoing Secretary General Jens Stoltenberg said in a press conference, that NATO must “continue to strengthen our partnerships, especially in the Indo-Pacific.” These Indo-Pacific Partners are Australia, Japan, New Zealand, and South Korea. Interestingly, the largest trading partner of three of these countries is not the United States, but China (Japan is the outlier). Even the analysts of the U.S. Federal Reserve Bank have concluded that “a delinking of global production processes and consumption from China is not in sight.” Despite this, these countries have recklessly increased the pressure against China (including New Zealand, which is now eager to join Pillar II of the AUKUS Treaty among Australia, the United States, and the United Kingdom). NATO has said that it remains open to “constructive engagement” with China, but there is no sign of such a development.

This article was produced by Globetrotter.

Vijay Prashad’s most recent book (with Noam Chomsky) is The Withdrawal: Iraq, Libya, Afghanistan and the Fragility of US Power (New Press, August 2022).