Microsoft and Cloudstrike. Where was the 'Stop Button' when we needed it?

 

As a researcher, I recently raised my concerns about the need for more standards and assurance on AI and autonomous systems moving toward full autonomy. 

Microsoft is currently assisting customers in recovering from a major software update failure. The company is also urging all businesses to implement stringent quality control measures before releasing any software updates. This call to action comes in the wake of a faulty software update that rendered an estimated 8.5 million Windows devices worldwide inoperable. This incident is believed to be the largest cyber-related outage in history, surpassing even the infamous WannaCry attack of 2017.

It's crucial to remain vigilant in the aftermath of this incident. There have been warnings about a surge in opportunistic hacking attempts linked to the outage. As a precaution, people are advised to look for fake emails, calls, and websites that could be used as a gateway for further cyber-attacks.

'On July 19, 2024, CrowdStrike released a software update to the vulnerability scanner Falcon Sensor. Flaws in the update caused blue screens of death on Microsoft Windows machines, disrupting millions of Windows computers worldwide. Affected machines were forced into a boot loop, making them unusable. The downtime caused a widespread global impact, grounding commercial airline flights, temporarily taking Sky News and other broadcasters offline, and disrupting banking and healthcare services and 911 emergency call centres.' (Wikipedia, accessed July 20 2024)).

It's time to start questioning the dominance of major technology companies. In June 2023, the Federal Trade Commission launched an investigation into the business practices of cloud computing. While Microsoft and Amazon, the industry giants, argued that it was a competitive market, Google disagreed and accused Microsoft of stifling competition.

Should we consider a payback from the investigation of Democratic National Committee cyberattacks and a connection to Russian intelligence services? We may never know. However, we know that only one system could have such an impact on the world. We need to question the technology monopole. In June 2023, the Federal Trade Commission investigated cloud computing business practices. Microsoft and Amazon, the major players, argued that it was a competitive market. Google disagreed and accused Microsoft of hindering competition.

But what was that update? What is the scanner Falcon sensor? CrowdStrike Falcon is cybersecurity's AI-native platform.

Their corporate wording did not match the magnitude of the failure. If the root cause is still not crystal clear after such a global impact, I wonder if the basic rollout passed the normal Quality assurance testing before sending the update to production environments.

After launching in their recent June press release with 'Trustworthy and Responsible AI Network expands to help European healthcare organisations enhance the quality, safety and trustworthiness of AI in health', This incident questions the assurance processes and standards of a fast-growing AI world faster than our legislation can keep up with.

While new companies are thriving to implement safety measures, moving toward a more and more autonomous world, there is an urgent need for governments and major technology companies to look at anticipating Threats, autonomous monitoring versus human acting from what they see, which in a world of technology we have is obsolete and too slow compared to what AI can do. Major tech companies need to pay more attention to the impact on their reputation and brands with standards and regulations to Keep Humans in the game & Post-disaster. The truth is that technology surpasses humans in speed and computing powers, and the only option is to use this technology as an assurance solution.

The disaster happened and will happen again; why are we not speeding the standardisation process with the 'Stop button' and 'Kill Switch technology'? It happened today, and it is still happening in Ukraine with drone controls and another military conflict. When will we stop ignoring the challenges and developing technology without controls and standards?

Christian Brose warned us with his book, 'The Kill Chain'. We have the technology developing faster than ever. Still, some countries like China can now monitor civilians using street cameras and AI facial and body language recognition. In contrast, the West still has people-watching monitors, which are more labour-intensive and less precise (the attention span of an AI is 100% and much lower than in humans).

The lessons learned from this AI cyber incident need to be highlighted:

Strong disaster recovery plans would help organisations bounce back from similar outages.

Thorough update testing: Testing updates before deployment minimises the risk of disruptions. CrowdStrike should have coordinated this testing with Microsoft.

Assurance solution for AI: Have a 'stop button' acting as a switch when human testing is not enough to avoid adversarial attacks, internalised malfunction, and external and internal human error.

Published on Linkedin 20/07/24

References:

https://www.theguardian.com/technology/article/2024/jul/20/the-microsoftcrowdstrike-outage-shows-the-danger-of-monopolization (accessed 20/07/24)

https://news.microsoft.com/2024/06/16/trustworthy-and-responsible-ai-network-expands-to-help-european-healthcare-organizations-enhance-the-quality-safety-and-trustworthiness-of-ai-in-health/ (accessed 20/07/24)

https://www.bbc.com/news/articles/cpe3zgznwjno (accessed 20/07/24)

https://www.crowdstrike.com/blog/crowdstrike-unifies-threat-data-and-ai-for-mdr/ (accessed 20/07/24)

https://www.amazon.co.uk/Kill-Chain-Defending-America-High-Tech/dp/031653353X (accessed 20/07/24)

https://www.crowdstrike.com/platform/ (accessed 20