‘You do have shared vulnerabilities.’ Security experts explain risks associated with global IT outage

Cybersecurity firm CrowdStrike said the problem occurred when it deployed a faulty update to computers running Microsoft Windows. The irony is that upgrades are meant to fix existing issues, not create new ones.

Rachel Yonkunas

Jul 19, 2024, 7:33 PM

Updated 160 days ago

Share:

Today's global IT outage has highlighted just how reliant companies are on a few dominant providers - like Microsoft - and how systems that are using the same platforms all have shared weaknesses.
Cybersecurity firm CrowdStrike said the problem occurred when it deployed a faulty update to computers running Microsoft Windows. The irony is that upgrades are meant to fix existing issues, not create new ones.
Former New York State Homeland Security Czar, Michael Balboni, said some companies are at a greater risk because not all software and technology investments are the same.
“Some companies don’t really spend the kind of money to do the upgrades because they don’t have it in their budget,” said Balboni. “It’s going to take time for some of these industries to get up to par, but again to your point, if you’re all on the same platform, you do have shared vulnerabilities.”
Team 12 Investigates reveals that the massive impact of the outage underlines the risks of interconnected technologies.
“When you have common platforms, like Microsoft, and you have various applications working in that and a lot of people using the same type of applications and technologies, then you have this commonality,” Balboni said. “If you have a compromise, a vulnerability, an exploit, then what you have are these cascading effects, which is what you’re seeing across the world today.”
One of the biggest concerns for security experts is how routine outages have become. They point to recent telecommunications outages, like the issues AT&T recently reported, and downed 911 systems that have occurred in communities across the country.
It is important for people to normalize cybersecurity in their everyday lives—much like looking both ways before crossing the street.
Be alert of email scams, pay attention to fake links, and know the red flags. For example, a reputable agency would never ask for your social security number or other personal information.