My Two Cents: The CrowdStrike MS Windows SNAFU and Its Impact on Lawyers π»π¨
/
a faulty software update from CrowdStrike created caos for many industries - lawyers may have been one of them!
Last week, the legal community was jolted by a significant disruption caused by a faulty software update from CrowdStrike, a leading cybersecurity firm π‘οΈ. This update, intended for Microsoft Windows systems, led to widespread outages, affecting numerous sectors, including airlines βοΈ, hospitals π₯, and financial institutions π¦. The incident serves as a stark reminder for lawyers about the vulnerabilities inherent in relying solely on a single operating system or service provider.
The Fallout Across Sectors πͺοΈ
The CrowdStrike update, deployed on July 19, 2024, inadvertently caused Windows machines to crash, displaying the infamous "Blue Screen of Death" (BSOD) π. This glitch had a domino effect, particularly in sectors heavily reliant on Windows-based systems. Airlines were among the hardest hit, with thousands of flights canceled or delayed as check-in and scheduling systems went offline β. For instance, Delta Air Lines and its affiliates canceled over 1,100 flights, while other major airlines faced similar disruptions.
Hospitals and emergency services also experienced significant setbacks π. In the United States, the Emergency Alert System reported 911 outages in several states, while hospitals in Germany and Israel had to cancel non-urgent surgeries and reroute ambulances. Financial institutions, including banks in Australia and New Zealand, faced system inaccessibility, affecting transactions and customer services π³.
The Impact on Apple Users π
Interestingly, Apple users remained largely unaffected by this debacle. The faulty update was specific to Windows systems running CrowdStrike's Falcon software, leaving macOS and Linux systems unscathed π. However, Apple computers may have been indirectly impacted due to services that run on Windows-based platforms, such as Software as a Service (SaaS) applications and Windows-based servers. This highlights that even if the hardware and operating systems are secure, dependencies on Windows-based services can still cause disruptions.
Lessons for Lawyers πβοΈ
Lawyers can learn many lessons from the crowdstrike snafu!
The CrowdStrike incident is a powerful lesson for lawyers and law firms about the importance of tech diversification and robust contingency planning. Here are some key takeaways:
Cross-Platform Services π: Relying on a single operating system or service provider can be risky. Lawyers should consider integrating both Windows and macOS systems within their practices. Similarly, using both iPhone π± and Android π€ devices can mitigate risks associated with platform-specific outages.
Redundant Internet and Cellular Providers π‘: Ensuring that your practice has access to multiple internet and cellular providers can prevent complete shutdowns during service outages.
Secure and Reliable Data Backups πΎ: Regularly backing up data to secure, redundant locations is crucial. Cloud-based services βοΈ, external hard drives, and even physical copies can ensure that critical information remains accessible during tech crises.
Cybersecurity Vigilance π: Staying updated with the latest security patches and updates is essential. However, it's equally important to have a protocol for quickly addressing any issues that arise from these updates.
The CrowdStrike MS Windows SNAFU should serve as a wake-up call for the legal community π¨. Diversifying tech infrastructure and maintaining robust, secure data backups are not just best practicesβthey are essential strategies for ensuring continuity and resilience in the face of unforeseen disruptions. By learning from this incident, lawyers can better safeguard their practices and continue to serve their clients effectively, even in the midst of technological crises πͺ.
