Cyber security, Economic, Government, Internet, Society, Technology

CrowdStrike: The risk is ours

INTERNET SECURITY

THE bleak lesson from the devastating global computer breakdown on Friday 19 July – which grounded flights, crashed payment systems, crippled NHS surgeries and hospitals, disconnected phone lines, and knocked media outlets off air – is that it could have been even worse. With no end in sight, the malfunction has been dubbed the “digital pandemic” and has already incurred colossal costs in time and money.

To those unversed in the intricacies of computer technology, the speed and extent of the disaster are almost incomprehensible. Surely, many will say, computer systems should be designed to avoid crashes on this scale at all costs. We would not accept planes, trains, or automobiles that malfunction so badly.

But the truth is that, when it comes to computers, we accept inherent levels of risk that would be utterly intolerable elsewhere. The technology companies’ profits soar and, when things go wrong, we – the digital serfs of this brave new world – must humbly accept the cost and inconvenience that our masters inflict on us.

To appreciate the scale and complexity of the problem, consider this thought experiment.

Imagine if we allowed almost every traffic light in the world to be made by the same manufacturer. Worse, imagine that all of them were made with a remote-controlled switch that turned them to red. And – catastrophically – that a simple error at the manufacturer or one of its suppliers could trigger this switch all over the world.

Traffic would be instantly gridlocked on every continent. To repair these traffic lights, technicians would in many cases have to dismantle them and fiddle around in the works.

That, in crude terms, is the story of CrowdStrike in this computer breakdown and collapse. Most computers in the world use Microsoft – which makes the ubiquitous Windows operating platform, as well as Word, Excel, and the Teams video-calling system. Many Microsoft customers also rely on other software – in this case the Falcon Sensor program provided by the cybersecurity firm CrowdStrike.

Security software protects computers from attack, typically by screening incoming data to ensure that it does not include “malware” – malevolent programs that steal data, freeze computers, or scramble their contents.

To work properly, these programs must operate unhindered on our computers, phones, and tablets. And to protect against new threats, they must update regularly – and automatically. In this current incident, one of the automatic software updates from CrowdStrike contained a simple, devastating error. Automatically installing on computers that run Windows, it crashed affected devices, triggering a page containing Windows’s error message – the so-called “blue screen of death”.

The result: the world suddenly had to switch to cash payments and handwritten boarding passes, while shops were forced to shut, medical appointments cancelled, and aircraft at airports grounded.

It is little comfort that George Kurtz, the co-founder and chief executive of CrowdStrike, says he is “deeply sorry”. Fixing the problem will not just take hours, but days or even weeks. At best, computers will need to be switched on and off again, allowing a new update to install. At worst, affected machines will need hours of specialist attention.

Nor will it be any comfort to furious customers around the world that CrowdStrike’s share price has crashed, knocking £10 billion off its £65 billion market capitalisation.

It could have been far worse.

This does not appear to have been a cyber-attack by a foreign power. Microsoft systems in countries all over the world, including Russia and China, were affected.

Nor was it the work of cyber-criminals. The faulty update did not scramble our databases, leaving us open to ransom demands from crime gangs in return for a key to recover our information.

Nor – unlike many recent cyber-attacks – did it whisk our most precious private information away to the Chinese Communist Party’s spy services in Beijing.

A far worse – and narrowly avoided – cyber-attack earlier this year could have given our enemies the master key to hundreds of millions of computers around the world, enabling them to wreak deadly havoc. Known in tech circles as the “xz” attack, it involved a little-known but ubiquitous program that compresses data to improve efficiency.

This attack, probably the work of Russian spies, was uncovered and stopped by chance at the last minute. And because in the end the damage was minimal, it attracted almost no public attention.

That was a near-miss. Far worse was the SolarWinds attack, exposed in 2021. Hackers – almost certainly Russian – bugged an update issued by Microsoft for a widely used program. The targets were Western (chiefly American) defence and other government networks. The cyber raid also exposed data from the U.S. Treasury, Justice, and Commerce departments, and thousands of Wall Street’s top companies.

The internet has become the central nervous system of our civilisation. Yet it was never designed or intended for this. It was built to promote academic cooperation and technological innovation, not global security. It is wide open to abuse by pranksters, fraudsters, and rogue states.

A handful of operating systems, together with software that updates remotely and automatically, create a sitting target.

We would hardly accept such a concentration of risk in other walks of life, especially if we had no control over the decision-makers in such systems, and almost no redress if they made mistakes. With most other products and services, you can sue the provider if there’s a malfunction – and gain additional compensation for any damage caused. Not computers.

Unlike other parts of our technological universe, computers, phones, and software are not sold with proper guarantees. The manufacturers can shrug at their products’ shortcomings.

Buried in the terms and conditions are clauses that exempt the manufacturer from almost all liabilities.

One might well ask how on earth we got to such a parlous state of affairs.

One reason is greed: tech giants like their profits. They lobby hard for their privileged status, just as they do for the right to sell our attention to online advertisers – and to resist demands for proper age verification on social media platforms like TikTok.

But a deeper reason is that we have been naïve and complacent in our headlong embrace of new but untrusted technology. We have prized innovation and convenience ahead of security.

These risks, we were told, were the price of admission to the brave new world of computer wizardry. Maybe. But we are paying heavily for it.

In the case of this cyber meltdown, the culprit was carelessness. But suppose the perpetrator had been some rogue regime, perhaps distracting us at a moment of geopolitical tension?

Imagine that this outage had stopped the trains running, frozen all cash machines and, for that matter, turned all our traffic lights to red – or worse, green.

We would have nobody to blame but ourselves.

Britain, Cyber warfare, Government, Society, Technology

We’re losing the fight on cyber terror

CYBER WARFARE

MICROSOFT boss Brad Smith has warned that cyberspace has become the new battlefield.

He has said that terrorists and rogue states are using it to mount devastating attacks on civilians.

He admitted tools created by technology firms were being turned into weapons – and called for a “digital Geneva Convention” to prevent a global arms race.

Mr Smith, president of the US tech giant, said cyber attacks had already caused real “human suffering” around the world, pointing to a virus which last year crippled NHS hospitals in Britain and caused thousands of appointments – including operations – to be cancelled.

Days before a peace conference in Paris timed to coincide with the 100th anniversary commemorations of the First World War armistice, Mr Smith, 59, also drew comparisons with the build-up of arms in the early 20th century and said history was at risk of repeating itself.

Tech firms need to do more to prevent the use of their services in hacking attacks and governments must come to a global agreement to halt the escalation of cyber attacks, he told Web Summit in Lisbon.

“We cannot remain silent in this century,” he said. “Like it or not – and I don’t think we should like it – the reality is we have become the battlefield. We will do the future an injustice if we don’t also recognise this new generation of technology has also created a new generation of challenges and threats.

“Tools we have created have been turned by others into weapons. If a hospital loses access to its computers and electricity, people’s lives are put at risk.

“We need a moral revolution with this technological revolution. There are lessons from a century ago.”

Mr Smith said almost one billion people were estimated to have been victims of cyber attacks in 2017 alone. Power stations, hospitals and other vital infrastructure will be at even greater risk as more objects are connected to the internet, he warned. He said last year had been “a wake-up call” for technology companies, following the devastating WannaCry and NotPetya viruses that swept through computer systems across the world.

More than one third of NHS trusts were affected by WannaCry, with almost 7,000 appointments cancelled.

The virus, known as ransomware, locked staff out of computer systems and demanded payments to allow them access. The UK and US governments blamed North Korea for the attack.

Britain, Government, Intelligence, National Security, United States

US spying programmes are being used by British spies to snoop on UK email accounts…

COVERT INTELLIGENCE GATHERING ON UK CITIZENS

British spies and intelligence agents have had access to a US government programme that monitors the web activity of millions of Britons.

Published secret documents suggest the US National Security Agency (NSA) has direct access to data held by internet giants including Microsoft, Google, Yahoo, Facebook, YouTube, Skype and Apple.

The documents – which appear to be slides from a training presentation for intelligence agents – suggest the agency can access email, photographs, social network information, chat records and other ‘stored data’ held by the companies, as part of its ‘Prism’ project.

They also suggest that the British government’s listening centre, GCHQ, has had access to the system since at least June 2010. During this period the project generated nearly 200 intelligence reports. It is unclear whether other agencies, such as MI5 and MI6, were also involved, meaning the true extent of the snooping could be higher.

A spokesperson for GCHQ said:

… We do not comment on intelligence matters… (but) our work is carried out in accordance with strict legal and policy framework.

Privacy campaigners warned that the revelations suggested the creation of a ‘Snooper’s Charter by the back door’. They come after a proposed plan to pay internet companies to collate user data from UK computers was dropped only last month in face of opposition from Conservative backbenchers and Liberal Democrats.

Labour has called on David Cameron to come clean to MPs on the extent of Britain’s role. Yvette Cooper MP, Shadow Home Secretary, said:

… In light of these reports, the Prime Minister should brief the Intelligence and Security Committee (ISC) on what ministers know and should ask the ISC to report on the UK’s relationship with the Prism programme, the nature of intelligence being gathered, the extent of UK oversight by ministers and others, and the level of safeguards and compliance with the law.

The Guardian, a London-based newspaper, said it has obtained slides from a whistleblowing intelligence officer worried about invasions of privacy.

Reports by the newspaper and The Washington Post suggested the FBI and the NSA can tap directly into the central servers of nine leading internet companies.

But a number of them, including Google, Apple, Yahoo and Facebook, denied that the government had “direct access” to their servers.

Microsoft said it does not voluntarily participate in any government data collection and only complies ‘with orders for requests about specific accounts or identifiers’.

Yet one slide appears to be a timeline of when the companies began to participate in Prism, starting with Microsoft in September 2007 and ending with Apple in October 2012.

According to the reports, Prism was established under President George W Bush in 2007 and has grown ‘exponentially’ under President Obama.

The Director of US National Intelligence said that the law ensures that only ‘non-US persons outside the US are targeted’, raising the likelihood that Britons are among those captured in its net.

Revelations about the snooping programme follow separate reports about the NSA being allowed to collect all telephone user data from Verizon, one of the largest telephone firms in the US, for three months.
