Technology Dependence and Vulnerability

Tech Trap

The growth and advancement of technology has attained phenomenal proportions during past couple of decades. Today, we have arrived at a situation wherein most of the day-to-day processes are digitised or partially digitised, with technology dominating every aspect of our life. The headways in technology have caused a dependency to the extent that a technical glitch could become a showstopper for our routine operations. A glaring example is the global IT incident that happened on 16th July'24, which was termed as the largest IT outage in recent times.

For the uninitiated, on the morning of 16^th July, a majority of systems started malfunctioning, displaying Windows Blue screen of Death (BSOD), which is an indication of a deadlock wherein one can’t proceed further, as the system resorts to unexpected reboots and sudden shutdowns. The issue was caused on Microsoft systems by its security software. Crowdstrike provides cyber security software for Windows on Falcon platform, to prevent cyber attacks and hacking. They had deployed an update to their software, but unfortunately it had a bug which caused Windows devices to crash across the globe. In fact, the upgrade induced an issue similar to the one for which it was designed as a prevention. The outage led to grounding of major airlines, besides impacting financial and health services in many countries, affecting approximately 8.5 million devices worldwide and resulting in an estimated loss worth 5.4 billion US dollars. While there has been a serious opinion regarding inadequate testing of the upgrade before its deployment, the fact remains that a small programming error led to an outage of mammoth proportions. This incident serves as an eye-opener for humanity, indicating the level of vulnerability that our technology infrastructure is subject to. It also gives us an insight about the disruptive consequences of a malicious cyber attack. The exposure is further aggravated by the fact that today most of the processes are digitally interdependent.

The foregoing makes it imperative for us to be equipped with a proper resolution strategy pertaining to such disasters in future. The incident has attracted criticism from various corners, a major concern being about putting all eggs in one basket. The mitigation for such disasters would be to resort to some amount of decentralisation to prevent a single point of failure. An ideal solution could include a network of distributed systems, wherein the pool can be serviced by some systems even though a few of them are down, though this could introduce some level of redundancy. As a best practice, software developers need to lay emphasis on rigorous processes and extensive testing of the product before shipping the same. On the other hand, organisations need to have robust Crisis Management, with regular drills and disaster recovery plans in place.

While these mitigations can be enforced, the bottom line is that with increased digitisation, the vulnerability or risk exposure also goes up manifold. We need to be actively equipped for any technology disaster by employing right strategies and techniques to improve operational resilience and minimise outages.

The author is a technocrat with expertise in Data Analytics, Cyber Law and Digital Forensics. He is currently acting as consulting advisor/ mentor to several startups.