CrowdStrike Gives Name New Meaning
You might have heard that there was a global IT outage today. It was a pretty big deal.
I regret to inform you that I was personally affected by it. Earlier this morning, I strolled down a main thoroughfare to pay a call at a local health clinic, where I intended to subject myself to the latest in a series of quarterly blood takings. My doctor has prescribed the tests as a means of keeping tabs on my blood sugar, which is not quiet in diabetic territory – an austere diet and regular exercise have kept the wolf from the door – but still requires regular monitoring
When I got to the clinic, all the blinds were down and a sheet of paper was taped to the entrance. On that sheet of paper was a handwritten notice indicating that the office was closed temporarily due to “the global IT outrage.” I have no idea whether the author intentionally added the extra consonant. Regardless, I concede that the outage probably generated a measure of outrage. I should have taken a picture of the terse communique, but I’m not what you would call an Instagram type. It was only later, after I’d walked a great distance, that I thought, “Damn, I should have taken a picture.” Too late.
Before I left the house for my abortive journey to the clinic, I’d read articles in the Wall Street Journal and Reuters about the outage, reportedly caused by a defective software update from CrowdStrike that brought down computers running Microsoft Windows. Stricken systems displayed the notorious “blue screen of death” in a recurring reboot loop. We’ve seen this movie before. To accentuate the sense of déjà vu, we learned that computers running Apple’s macOS and Linux were uncompromised.
The world, or at least the large portion of it that combined CrowdStrike with Windows, was brought low by software distributed across a vast network of computers. The software wasn’t designed to attack; it was intended instead to protect, but it was defective. The principals actors, those who caused the outage, were derelict developers, not malicious hackers. Perhaps that distinction was of little comfort to bankers and retailers and their clients, who were inconvenienced, or to airlines and passengers, who were grounded and serially delayed, or to hospitals and their patients, also made to suffer.
Still, I suppose we should take modest comfort from the fact that the outage was not the result of a sinister attack. Instead, it was more like a hugely delayed version of what Y2K was supposed to have been. Who knew that Y2K would be a quarter century late and have no causal connection to the calendar?
What’s In a Name?
CrowdStrike is a great name for a company, but today’s events suggest a connotation that its founders and their image consultants, presuming any were involved in the naming and branding exercise, likely never envision or wanted to imagine. The crowd – a large one at that – was undeniably struck, and the strike was of sufficient force to scupper and capsize everything running Windows in its globe-girding path.
We tend not to think about our dependence on networked IT systems because, most of the time, those systems remain available and functional. Yes, we think about their security, and we take measures to protect them, but we assume that they will keep running. When they falter, though, we’re suddenly reminded of their presence and of how much we have come to rely on them in nearly every facet of our personal and professional lives. That realization, in the immediate aftermath of a protracted outage, is invariably compounded by waves of annoyance, exasperation, frustration, and – for some – blind fury. Perhaps the unknown author at the clinic I visited was uncannily accurate in referring to “global IT outrage.”
In the world beyond that clinic, anger and recrimination were in abundant supply, reflected in a storm of headlines and articles. Major international airlines were forced to ground their flights; retailers, banks, and hospitals were brought low, if only temporarily.
As a publicly listed company, CrowdStrike was exposed to the wrath of the market. The company’s stock price plunged precipitously, though it recovered a bit of lost ground later in the day. Microsoft shares dipped only slightly, probably because it is a massive company with multiple product and service portfolios to cushion any single blow, but perhaps also because it was perceived partly as a victim rather than as a negligent accomplice.
If there’s solace for CrowdStrike, it’s that the memories of investors (and nearly everybody else) tend to be short in the digital age. Companies afflicted by outages or that cause outages are pilloried in the moment and its immediate aftermath, but they’re gradually forgiven (or the event is forgotten, displaced by other woes), allowing the offending companies to recoup their market losses, as bitter memories of ignominy fade from public consciousness.
Not Tech’s Finest Hour – Or Week
That said, tech stocks generally bore the brunt of investor resentment earlier today. Anxious and rattled investors, already on edge for reasons unrelated to today’s events, had pummeled tech stocks earlier this week; they were in no mood for an outage as a rancid cherry on top, regardless of the cause.
The public market’s reaction, at least to today’s events, seemed inflamed by pique and petulance, layered atop an already surly disposition. Something bearing a semblance to equanimity, though perhaps not quite reaching the altitude of levelheadedness, will return, though not today.
Some observers, though, were keeping a stolid eye on the prize, realizing that it’s not all doom and gloom. What happened today was unwelcome, yes, but there are much bigger issues threatening the fate of tech stocks, including worsening geopolitical tensions, epitomized by the growing trade war/Cold War featuring the U.S. and China as increasingly bellicose foes. A fat-fingered software update from CrowdStrike is not in any way helpful, especially for the company’s clients and their customers, but its impact will be short-lived and relatively limited in scope.
Despite the public’s withered attention span, CrowdStrike will have to weather its own storm. As one Wall Street analyst said, customers might not perceive an alternative to Microsoft’s Windows, the only operating system afflicted by the faulty update, but they readily appreciate that there are many fish in the security-software sea. They have options to CrowdStrike, and the cost of switching is not prohibitive.
Old Tools Reanimated
Still, while Elon Musk might have responded with the imperious thumbs-down gesture of a Roman emperor, many CrowdStrike customers will give the matter sober second thought, or forget about it entirely, before deciding whether to ditch CrowdStrike or otherwise diversify their digital ramparts.
At airports and offices, workers and administrators rediscovered the surprisingly effective utility of pen and paper. Such archaic tools aren’t at the cutting edge, nor do they scream efficiency, but they work in a pinch, and staff resorted to the old standbys in boarding passengers onto aircraft and to gradually shorten queues at many offices and stores that were briefly forsaken by modern technologies.
After finding the clinic closed, I decided to go for a long walk, “just to think,” as Steve Coogan and Rod Brydon might put it. After a vigorous footslog, I doubled back to the clinic to see whether service had resumed. Fortunately, it had reopened, and I was among the first to benefit. I was in and out in a matter of minutes, but while I was subjected to my quarterly bloodletting, I learned that the IT systems on premises still weren’t back in full vigor. In the meantime, all administrative functions, as in so many other workplaces retrogressed by the outage, were being fulfilled the old-fashioned way – with pen, paper, and some primitive manual filing.
The old ways still work, apparently, but I suspect not many of us want to avail ourselves of a time machine and return to the Kodak moments of IBM Selectrics and filing cabinets.
Today’s outage was inconvenient for nearly everybody, and costly and seriously aggravating for some. I can safely forecast that it’s not the last serious outage that we’ll experience – there will be many more, to be sure – but that doesn’t mean we have a feasible alternative to our immersion in ubiquitous, networked, almost-always-on information technologies, at least not one that gives us the immediacy, efficiency, predictability (well, most of the time), and scale of modern technology.
Intermittent aggravation and periodic “IT outrage” notwithstanding, our dependence is akin to an addiction, and we’ll keep coming back for more.