At the start of a new year, I was reminded of how we all feared the start of the one at the beginning of this century. We were very uncertain as to whether moving from 19... to 20... might bring down everything. The reminder came in the form of this headline: "More Frequent -- And Disruptive --Tech Outages Are On the Way". It was in an article that recalled the big crash many of us experienced in July when a "routine software update containing a bug that crashed 8.5 computers. It was the largest IT outage in history, grounding 17,000 flights, preventing doctors from accessing medical records, interrupting 911 services and plunging broadcasters into blackouts. Such massive outages are rare, but here's why smaller outages and data breaches will happen more often in 2025."
Some crashes will happen because of accidents or mistakes. The author points out that:
"The logic is simple: more complex systems contain more vulnerabilities. For example, software engineers today often rely on open-source code, which performs simple tasks like calculating time zone differences. The code is free and saves time. But it can also be buggy and plagued with compatibility problems, leading to accidental disruptions. This past March, a misconfiguration in OpenSSL—an open-source software library that encrypts a large volume of internet traffic—triggered crashes in web services and databases. It took days to patch the issue."
Another author, just yesterday, wrote about giving out "Good Tech Awards",
"To Andres Freund, and every open-source software maintainer saving us from doom. The most fun column I wrote this year was about a Microsoft database engineer, Andres Freund, who got some odd errors while doing routine maintenance on an obscure open-source software package called xz Utils. While investigating, Mr. Freund inadvertently discovered a huge security vulnerability in the Linux operating system, which could have allowed a hacker to take control of hundreds of millions of computers and bring the world to its knees.It turns out that much of our digital infrastructure rests on similar acts of nerdy heroism."
That sentence indicates that some crashes will be intentional or deliberate. The day after reading the first article, I was having breakfast with friends, and one of them asked another why he had not been responding to his emails and the answer turned out to be that they had been sent to the company for which he worked and that company had been the victim of a cybercrime. The company has since paid the criminals.
There have been many articles about such attacks, which bring down systems if a ransom is not paid. Even systems in hospitals, or libraries like those in Calgary, Toronto and the British Library.
If you search for examples involving cybercrime or ransomware they are easy to find and attacks are found daily in many different publications that focus on these subjects. The illustration above, came from one, Cybercrime Magazine. In it, under "Latest Security and Privacy News", one finds many and here are just a few recent, Canadian cases:
Auto parts giant LKQ says cyberattack disrupted Canadian business unit.
Cyberattack hits third-party service provider that collects Manitoba court fines.
Outage at Winnipeg schools confirmed as cyberattack.
LifeLabs data breach report released after firm loses four-year bid to keep it quiet.
Canada Arrests Man Suspected of Hacks of Snowflake Customers.
Chinese state-backed hackers breached 20 Canadian government networks over four years, agency warns.
Even if you are someone who doesn't rely on computers and the Internet, you are reading this. Even a pure Luddite these days would be surprised by how much could not be done if systems go down. A major internet crash could be worse than a stock market meltdown. We are lucky every day when the power comes on, water pours from the faucet and the computer and TV work.
Sources:
"More Frequent—and Disruptive—Tech Outages Are on the Way: As companies offload tech systems to third-party suppliers, their supply chains will become vulnerable," Kami Vaniea, Maclean's, Dec. 17, 2024.
"The 2024 Good Tech Awards," Kevin Roose, NYT, Dec. 30, 2024.
No comments:
Post a Comment