Bangkok One News
Home » Warning Signs in the Digital Age
Bangkok News Breaking News

Warning Signs in the Digital Age

Warning Signs in the Digital Age

Global IT Outage Highlights Need for Preparedness: Lessons from the CrowdStrike Incident

On July 19, a worldwide IT outage triggered by a flawed software update from cybersecurity firm CrowdStrike Holdings served as a critical reminder for local organizations to bolster their systems against unexpected disruptions.

As reported by Bloomberg, CrowdStrike disclosed that a bug in a quality-assurance tool used to test updates for errors allowed faulty data to reach customers, resulting in the significant IT outage. The company hurriedly deployed an update for Windows devices that day through a rapid-response mechanism designed to address evolving threats, but this update contained a critical flaw. According to an incident report released on July 24, the company’s “content validator,” responsible for error-checking updates, malfunctioned and allowed the bug to slip through.

This undetected error led to the crash of Windows systems, causing one of the most widespread IT failures ever witnessed.

Both Microsoft and CrowdStrike have released fixes, and many affected systems are now operational again. CrowdStrike is also reportedly working on improving its Rapid Response Content testing moving forward.

The incident impacted various business operations in Thailand, including airlines that operate out of major airports like Suvarnabhumi and Don Mueang.

Emergency Preparedness is Crucial

The Stock Exchange of Thailand (SET) confirmed that it was unaffected by the IT outage as it does not utilize CrowdStrike software for its securities operations. Senior Executive Vice-President Thirapun Sanpakit, who also leads the SET’s IT division, stated that proactive testing of their IT systems is an ongoing measure to prepare for such incidents.

In light of the outage, the SET consulted its securities software vendor to understand the global incident and develop measures to prevent future occurrences. The exchange is equipped with a backup site for emergencies, routinely tested at least once a year.

While most brokerage firms utilize a secure front-end Linux system, some brokers dependent on CrowdStrike were affected but managed to resolve the issue swiftly without significant damage. Thirapun urged members to switch from auto updates to manual updates to avoid future system failures.

Affected listed companies are encouraged to learn from this experience, and the entire industry must enhance its preparedness for potential problems in the future.

Strengthening Cybersecurity Measures

Jomkwan Kongsakul, Deputy Secretary-General of the Securities and Exchange Commission (SEC), noted that the regulator and stakeholders in the capital market are working to establish a Thailand Computer Emergency Response Team (TCM-CERT) aimed at boosting cybersecurity. Though the SEC itself was not impacted by the CrowdStrike incident, it is closely monitoring the situation and providing guidance to related businesses.

The SEC places great importance on ensuring cybersecurity resilience across all organizations involved.

Following the incident, the banking sector’s Computer Emergency Response Team (CERT) sent recommendations to members of the Thai Bankers’ Association outlining preventive measures against potential threats to their IT supply chains, including contingency plans for major outages.

Maintaining Confidence Amid Disruption

Thai AirAsia was one of the airlines affected at Don Mueang Airport, experiencing disruptions to its online systems and check-in services. Tansita Akrarittipi, the head of commercial at Thai AirAsia, reported that the incident caused delays for over 200 flights and affected approximately 40,000 passengers. However, the airline managed to continue operations without stranding any travelers.

The system outage lasted two days, with the most significant disruptions occurring on July 19 from 12:30 PM to 10 PM and on July 20 from 6:30 AM to 11 AM. Despite the incident, Tansita expressed confidence that it would not negatively impact traveler sentiment as the airline has handled past outages effectively.

She emphasized the importance of IT expertise in managing airline operations and noted ongoing discussions about improving crisis management protocols moving forward.

Creating a More Resilient Digital Environment

Matthew Hardman, Chief Technology Officer (Asia-Pacific) at Hitachi Vantara, highlighted that while the outage wasn’t due to a cyber-attack, it underscored the vulnerability inherent in our interconnected digital infrastructure. He emphasized the necessity for organizations to prioritize data protection and cyber resiliency to enable effective recovery and maintain business continuity.

Associate Professor Siriyupa Roongrerngsuke, Executive Advisor at Bumrungrad International Hospital, advised against relying on a single cybersecurity vendor. The cascading impacts of software failures can disrupt entire business ecosystems, underscoring the need for diversifying security products.

A blog post from IT research firm IDC pointed out the differing trust practices among operating system vendors like Microsoft and Apple regarding granting independent software vendors access to critical system parts. Notably, devices running iOS, macOS, and Linux were unaffected during this incident, prompting questions around vendor practices and customer recovery strategies.

Exercise Caution with Updates

Axel Winter, Chief Executive of Xponential, advised that organizations should avoid automatic updates for non-critical systems and instead test changes beforehand. Even cloud providers introduce changes incrementally, providing notices of high-impact updates.

Morragot Kulatumyotin, Managing Director of Internet Thailand, added that while only a small fraction of their customers were impacted, their focus remains on early detection and rapid resolution of issues. She emphasized the need for organizations to conduct business continuity plan (BCP) drills regularly to ensure preparedness for future outages.

Ensuring Backup Plans are in Place

Nestlé Thailand reported that it was not affected by the global outage since it does not utilize CrowdStrike’s services. Nonetheless, the company maintains contingency plans to mitigate cybersecurity risks.

Thienprasit Chaiyapatranun, President of the Thai Hotels Association, noted that hotel operators could prepare for emergencies by maintaining analog records of guest information to avoid disruptions during system failures.

In conclusion, this incident serves as a critical reminder of the importance of cybersecurity preparedness and resilience to ensure that businesses can withstand and quickly recover from unexpected IT disruptions.

Translate »