The CrowdStrike outage brought much of the world to a standstill — giving us a taste of the Y2K bug that never was.
Airports were crippled as flights were cancelled. Supermarkets shut their doors as they were unable to accept payments.
The cost of the outage to Australian businesses could surpass $1 billion.
But in much of Asia, things rolled on largely as usual. Millions of passengers continued boarding flights at airports across the region, from Guangzhou to Jakarta.
On social media in places like China and Indonesia, it barely registered that elsewhere in the world a major meltdown was happening.
Here’s why.
The mayhem was caused by a software update on US cybersecurity firm CrowdStrike’s Falcon platform, which provides protection from malware and antivirus support, on devices running Microsoft Windows.
In many places around the world, social media was abuzz with reports of “blue screens of death” and other major disturbances.
Johanna Weaver, founding director of the Tech Policy Design Centre at the Australian National University, said Australia “felt the brunt” of the CrowdStrike outage because the software update happened during the day, unlike in the US where it happened overnight and there were fewer computers online there.
Life in many of the countries neighbouring Australia with similar time zones, however, largely continued without a hitch.
Usually with a major technological incident like this, Chinese social media would be alight with trending topics as its hundreds of millions of users shared their frustration. Instead, there were none.
Only international hotel chains and other foreign businesses in China reported major issues.
On Indonesian social media, some who had read about the outage in the news joked that they were not affected because they were using pirated versions of Microsoft Windows or an outdated version.
The main reason Asia was less affected was because far fewer businesses in the region are CrowdStrike customers.
“The discrepancy in impact can be attributed to several factors, including the varying market penetration of CrowdStrike’s services and differing levels of dependency on specific cybersecurity providers across regions,” said Liu Yang, an associate professor at Nanyang Technological University in Singapore.
“For instance, Linux servers provided by AWS [Amazon Web Services] or Google Cloud were not affected by this incident.
“Notably, many cloud providers have their own security solutions, which may have mitigated the impact in some areas.”
Matthew Warren, director of the RMIT University Centre for Cyber Security Research and Innovation, said CrowdStrike’s main markets were in North America and Europe.
In the Asia Pacific, its customers are “predominantly in what you consider richer countries like Australia, Singapore, New Zealand”.
The cause of this, Professor Warren said, is cost point.
“Many organisations wouldn’t be able to pay for their annual subscriptions, so it may be that they go to a cheaper, local alternative provider,” he said.
“The companies that you have seen in Asia impacted are what you’d consider more high-risk organisations like airlines that have made the business decision that they have to protect against cyber issues so they’re using that product and service.”
The Malaysian budget airline Air Asia, for example, was impacted.
This caused chaos for travellers at its home base at Kuala Lumpur International Airport’s terminal 2 and at Bangkok’s second airport Don Muang, among other locations.
It left the airline’s CEO, Tony Fernandes, fuming.
“We will wait to hear from Microsoft on how this has happened causing major airlines to lose millions of dollars in revenue, but more importantly how their system failure has caused so much chaos to people’s lives,” he wrote in a post on LinkedIn.
“Tech companies have little empathy … they expect us all to understand. Well I’m not going to. Airlines need answers and compensation.”
But elsewhere in the region, the CrowdStrike meltdown barely registered.
Indonesian cybersecurity expert Alfons Tanujaya told the ABC that CrowdStrike’s market share in Indonesia remained relatively small, which was the main reason the country avoided the worst of the chaos.
CrowdStrike competitors Symantec and Kaspersky remain the market leaders for cybersecurity in Indonesia, which is South-East Asia’s largest economy.
“There are only a few thousand computers in Indonesia that use CrowdStrike, but most Indonesian airlines and airports don’t use it,” Mr Tanujaya said.
China, meanwhile, has developed its own operating systems, anti-virus platforms and payment systems to reduce reliance on Windows and associated products.
Professor Warren said the outage could cause some Asian countries that are already close to China, such as Cambodia, to consider further aligning themselves with the Chinese digital ecosystem.
This point was not lost on Chinese state media, which framed CrowdStrike’s error as proof of the need to avoid US software and technology.
“Since Chinese enterprises mainly use domestic antivirus software and they were less affected by this incident, this has enhanced the trust of domestic users in domestic network security software,” The Global Times tabloid declared.
Loading…
Chinese cybersecurity firms said the crash was evidence of their US competitors’ shortcomings.
“The blue screen incident occurred to the Windows system reveals the existence of technical defects in the software,” China-based 360 Total Security said in a blog post, arguing it showed its products were more secure, reliable and comprehensive.
“It’s also a warning to government and enterprises as such abnormal incidents may be maliciously used as a means of attack, leading to business shutdowns, and resulting in incalculable losses.”
Another Chinese firm, QAX, said CrowdStrike’s product was high quality but the outage showed “the greater the ability, the greater the responsibility”.
“Software vendors involved in system stability need to have more stringent quality control of their own software. Otherwise, problems caused by such unexpected failures will be even greater than those caused by malicious cyber attacks,” it said.
Mr Tanujaya, the Indonesian cyber expert, said the incident underlined the risks of over-reliance on certain operating systems or cybersecurity products.
“CrowdStrike needs to be recognised as a premium anti-virus platform, but if everybody uses it, there will be a single point of failure. This is a lesson learned for us,” he said.
Additional reporting by Erwin Renaldi and Kai Feng.
Loading…