Lights out: Are we prepared for the next global tech shutdown? - opinion

On Friday, the world woke up to the announcement of a global disruption affecting cross-sector operations. Hospitals, health clinics, and banks were affected, airlines grounded their planes, broadcasting companies couldn’t broadcast (Sky News went off the air), emergency numbers like 911 in the US were unreachable, and even here in Israel, MDA experienced numerous issues. 

This event had an impact in the US, Australia, and Europe. Critical infrastructure alongside many business operations came to a halt. In Israel, we immediately connected the event to warfare, to the UAV that arrived from Yemen and exploded in Tel Aviv, assuming that Iran was attacking in the cyber dimension.

What exactly happened? And how can one mistake impact the entire world?

Let’s begin with the facts: An American company based in Texas named CrowdStrike, which provides a cybersecurity protection system installed in many companies around the world, announced on Friday morning that there was an issue with the latest version of its system released to customers. The problem caused Windows, Microsoft’s operating system, not to load, displaying a blue screen. Consequently, all organizational systems installed and based on that operating system did not load either. In other words, the organization was paralyzed.

But the issue didn’t end there. During the repair actions distributed by the company, hackers “jumped on the bandwagon,” posing as company employees and distributing instructions that essentially meant inserting malicious code into the organization and deleting its databases. This was the second derivative of the event.

A well-intentioned or malicious error by one company can paralyze the entire world. What can be done? How do we prepare for the next time this happens? 

Here we enter the fascinating world of risk management. 

Risk management is an organizational discipline. Within risk management processes, the organization identifies and maps the threat and weakness portfolio in the organization’s activities, while simultaneously building an effective response and controls to threats and risks. The threats can be “internal,” such as an employee’s human error, employee embezzlement, or a technical malfunction in a computer system or server. Threats can also come “externally” to the organization, such as customer or supplier fraud, a cyberattack on the organization, geopolitical threats in general and war in particular, or a pandemic, fire, or earthquake.

Risks of errors and attacks

It seems that the world has become much more global and technological than humans want to think about or believe. And yes, a keyboard mistake by one employee in one company can affect the entire world, impacting all our daily lives. This is the reality, and we should understand it quickly and start preparing through structured risk management processes for any event that may come. 

Regarding the question of whether it was an invisible Iranian hand, it is still impossible to completely deny or confirm. Even if the company officially announced that it was a technological failure, its interest is only to get off the radar and not collapse and go bankrupt.

Every organization must know how to continue “business as usual” even in an emergency, even without computers. Look at what happened in hospitals in Israel. Due to numerous cyberattacks experienced before the war, but mainly around the Gaza war, staff was trained to work manually, without computers. During last weekend’s event, they continued to operate more or less in a reasonable state. 

Therefore, prior preparation prevents chaos and confusion at the critical moment. The state must implement mandatory regulation on the business continuity of organizations for the functional continuity of the economy.

The writer is an expert in cybersecurity and risk management, CEO of LT RISKMGMT, a risk management consulting firm, and a member of Forum Dvorah.