Will the cost of the Global Microsoft-CrowdStrike outage run into trillions of dollars?

By Ajay Singh, Author of Cyber Shock: Cyberattacks that Shook the World

What we know so far:

A recent update by cybersecurity firm CrowdStrike has led to a major global outage. There are widespread reports of crashes Microsoft Windows hosts related to the Falcon Sensor with screens showing the ‘Blue Screen of Death’ (BSOD). The resultant global outage has had significant impacts across various sectors. Here are some key points:

·??Thousands of flights were cancelled or delayed globally, affecting major airlines like American Airlines, Delta, Air India, Indigo and United.

·? Banks and brokerage houses reported widespread outages, affecting their operations.

·? The outage disrupted trading activities and caused delays in financial transactions including London's Stock Exchange

·?Various cloud services experienced disruptions, impacting businesses that rely on these platforms.

·?Many businesses, big and small, experienced crashes and operational issues, particularly those using Windows computers.

·?Television channels and supermarkets around the world have been rocked by the chaos.

·??There have been temporary disruptions in public transit systems, airfreight and healthcare services.

·? Millions of people around the world have been affected by the CrowdStrike Global Outage

All this makes this incident an unprecedented cyber disaster of epic proportions.

Recovering from the impact of the outage

Organizations across the world are grappling with the impact of the outage. From reverting to manual systems to following recovery methods to address issues like the recent Blue Screen of Death (BSOD). However, this is not proving to be an easy task.

Some suggested fixes provided by CrowdStrike include:

·??Rebooting the affected systems multiple times to allow them to download the corrected update.

·??If the system does not work after rebooting, then boot into Safe Mode or Windows Recovery Environment and manually delete the faulty driver file located at C:\Windows\System32\Drivers\CrowdStrike\C-00000291*.sys.

·? Restore systems using a backup from before the faulty update was deployed.

?CrowdStrike has also isolated the issue and deployed a corrected update to prevent further occurrences.

While the aim of these methods is to enable restoration of normal operations and minimize further downtime, they may involve personal intervention at multiple places. This exercise may be challenging especially for large organizations with global operations and may entail several days and weeks of recovery operations.

Economic Impact

The next big question after recovery is to count the losses resulting from this incident. Determining the exact financial impact is a very complex exercise and at least for now we will have to look at estimates to understand the gravity of the situation.

Global outages can have significant long-term effects across various sectors. The points to consider are in terms of economic impacts are:

·? Prolonged outages can lead to substantial revenue losses for businesses, especially those heavily reliant on online operations.

·? Companies may face increased costs due to the need for emergency fixes, overtime pay, and even potential fines for failing to meet service level agreements.

·?? Downtime can disrupt daily operations, leading to a loss of productivity and efficiency.

·?? Outages can affect supply chains, causing delays and increased costs for materials and products.

·??New security risks in the light of exposed vulnerabilities

? There is a risk of data loss or corruption during outages, which can have long-term implications for data integrity and security.

· ?Outages often signal the need for better infrastructure, leading to additional investments in more resilient and advanced technologies.

Preliminary estimates from experts indicate losses from running into tens of billions of dollars to even a trillion dollars taking into account the long tail of recovery that is likely to follow.

‘Microsoft meltdown will cost global economy TRILLIONS & it ‘could drag on for weeks’ runs a headline in The Sun.

CrowdStrike’s own shares has dipped by over 20 percent in unofficial trading and may have wiped out nearly $ 16 billion in valuation.

What could be the economic impact of the global outage?

To put things in perspective, the global COVID-19 coronavirus pandemic had severe negative impacts on the global economy due to productivity losses. In terms of numbers this meant a drop of over two trillion U.S. dollars of lost economic output in 2020. While this the global outage has caused significant disruptions, its economic impact is not on the same scale as the COVID-19 pandemic and hence while losses may not be as high as a trillion dollars, the recent global outage bill will certainly run into tens of billions of dollars.

The big question now is who is responsible for the chaos and financial losses as a result of the incident? Is CrowdStrike responsible? What is their liability? Is there a legal recourse for affected people and organizations? Is an apology enough?

?