The Odd Timing of the CrowdStrike ‘Error’

“In what will go down as the most spectacular IT failure the world has ever seen, a botched software update from cybersecurity firm CrowdStrike Holdings Inc. crashed countless Microsoft Windows computer systems around the world on Friday,” Yahoo!finance (and all other publications on the planet) reported. “The catastrophic failure underscores an increasingly dire threat to global supply chains: The IT systems of some of the world’s biggest and most critical industries have grown heavily dependent on a handful of relatively obscure software vendors, which are now emerging as single points of failure.

Total recovery from CloudStrike failure ‘could take weeks’ amid more flight delays , said The Independent.

Those are the facts. And then there’s CrowdStrike itself, emerging again as a problem in yet another election year, and if ever there was a company appropriately named…

Underreported: the controversial CrowdStrike reported in 2016 that Russia was behind the 2016 WikiLeaks, without allowing independent verification .

“The Democratic National Committee “rebuffed” a request from the FBI to examine its computer services after it was allegedly hacked by Russia during the 2016 election, a senior law enforcement official told CNN (in 2017)… “This left the FBI no choice but to rely upon a third party… security company called CrowdStrIke… for information,” CNN reported. ?

Reddit later reported that “CrowdStrike has retracted statements it used to Support claims of Russian hacking.”

“CrowdStrike's involvement helped the company to no end, increasing its public profile to the point where the company was able to go public last year. It is now valued at around US$16 billion, easily the highest valuation in the industry, ITWire reported in 2020.

Although, the stock did lose quite a bit of its value lately, and how did this global outage happen? “CrowdStrike update that caused global outage likely skipped checks, experts say,” CNBC reported.

Oops?

The CEO did apologize, so all good, right, in keeping with that ‘Ask Forgiveness’ thing. Still, “Regulators and lawmakers across the political spectrum raised alarm that the?sprawling outage ?that knocked out Windows showcases the danger of so much power concentrating into one firm, which drives governments, businesses and critical infrastructure around the world,” said the Washington Post . (That ‘firm,’ of course being MSFT, founded by everyone’s favorite globalist, Bill Gates.) “The episode is resurfacing concerns that Microsoft’s grip over global systems is opening up federal agencies and businesses to unnecessary risk — raising questions about whether the power of one of the world’s most sophisticated political operators should be curtailed.

““The curious bit about this whole story is that Microsoft is probably the closest rival and No. 2 player to CrowdStrike in the market for?endpoint security. If you’re going to flee CrowdStrike because of this mishap, do you really want to land in the lap of the other company involved in Friday’s fiasco?”

But wait! There’s more!

“The global impact of this outage reflects CrowdStrike’s dominance,” CNBC noted. “Over half of Fortune 500 companies and many government bodies such as the top U.S. cybersecurity agency itself, the Cybersecurity and Infrastructure Security Agency, use the company’s software.”

Of course, since this is again a major election year and with the timing of the ‘outage’ being so suspect coming just after an assassination attempt on a US candidate for President, we’re by no means a conspiracy theorist, but forest through the trees: one does wonder if this might have been something of a test, given CrowdStrike’s controversial if not dubious history…

“Ideally, this would have been rolled out to a limited pool first,” said John Hammond, principal security researcher at Huntress Labs in the CNBC piece. “That is a safer approach to avoid a big mess like this.”

Ideally? That’s pretty much standard practice in tech.

And how is it that CrowdStrike Insiders (knew to sell the) Stock Before the Outage ?

Even more concerning: If one company’s ‘software update’ can shut down so many systems globally, and so many systems are under the control of yet another single company, imagine what could happen down the road when with the world growing increasingly dependent on AI. Could it mutate to become a monster, as many have speculated, too ‘smart’ or at least too embedded to be controlled of ‘fixed’ with a software update?

So, was this outage an ‘oops’ or a cautionary tale?

It’s important to note that there are only a handful of companies are emerging as dominant players in AI, with the focus here on LLMs, which seem to be consuming much of the world’s attention and operating systems, with critical thinking being offloaded to the so-called time and effort-saving LLMs. As it went with our privacy, at what price convenience?

The Microsoft/CrowdStrike outage shows the danger of monopolization , The Guardian reported and ya think? People often defer to Marc Andreessen’s contention that software is eating the world, and while that does seem to be true, given the global dominance of basically a handful of companies, which we’ve referred to as nation-states more powerful than any single government since the dawn of the age of so-called social, we contend that it was Peter Thiel who absolutely nailed it when he said that we wanted flying cars. Instead it seems, and we paraphrase, all we got these 140 characters, and that’s what should truly concern you as we go onward and forward.

This piece first appeared in the StartupOneStop newsletter