The Problem with Cloud Dependency
In just the last month, several major cybersecurity incidents have led to IT outages affecting businesses, hospitals, government bodies, and other organizations. From the CrowdStrike outage, to the Azure incident many organizations are rethinking their cybersecurity strategies.
As Cloud services have become quickly embraced we’ve also created a dependency on them. And while these services are typically reliable, these outages have shown us why you should never put all your eggs in one basket.
CrowdStrike Outage
On July 19th, Microsoft clients around the globe faced outages due to a faulty update from CrowdStrike. The leading cybersecurity firm sent an alert that their Falcon Sensor software caused Microsoft Windows to crash, and devices displayed a blue screen known as the “blue screen of death.” Windows devices and machines were left in a cycle of recovery, unable to restart.
CrowdStrike offers cybersecurity services to over 20,000 subscribers, including 8.5 million Microsoft devices.
Flights were cancelled, ATMs were out of service, hospital appointments were delayed, and many other businesses were left defenceless. As businesses become increasingly dependent on cloud services, this outage was a wake-up call to the possible risks associated with third-party dependency.
While Windows devices were affected, customers using Mac and Linux systems could operate business as usual.
Microsoft 365 and Azure Outage
Not long after the CrowdStrike incident, Microsoft and Amazon Web Services (AWS) suffered major outages due to a cyber-attack.
The outage started early July 30th, and for nearly 10 hours, thousands of customers couldn’t access Microsoft 365 services, including the admin center, Entra, Intune, and Power Apps.
The outage was initially triggered by a Distributed Denial-of-Service (DDoS) attack. Investigations indicate that an error in Microsoft Azure’s defences magnified rather than resolved the impact of the attack.
A DDoS attack is a cyber-attack that aims to make a network resource unavailable to users by disrupting the services of a host connected to the network.
AWS Outage
On the same day as the Microsoft Azure outage, AWS was also disrupted. Customers couldn’t access AWS services, including RDS databases, EC2, and S3 Storage.
What we can learn
The CrowdStrike, Microsoft, and AWS outages are an eye-opener to how quickly things can go wrong when relying on non-redundant systems. While Cloud services are usually consistent and dependable, it’s evident that the risk is never zero.
Avoid single points of failure. During the CrowdStrike outage systems running on Linux and Mac were unaffected.
Implement fail-safe protocols. Implementing redundant systems and data backups is critical for businesses to avoid disruption.
Invest in cybersecurity specialists: Businesses across all industries faced disruption during these outages. Whether your business is in healthcare, banking, or any other industry, investing in cybersecurity experts to boost your IT team is never a waste.
Test and conduct drills: Your incident response plan and strategies should regularly be reviewed and tested to uncover any areas of potential threat.
Consistent monitoring and review: Stay current with industry trends and news to learn from events such as the CrowdStrike incident. As business environments change and new cyber threats emerge, you can update your risk management and incident response plans.
In need of cybersecurity talent?
Looking to hire? One of Live Assets’s tech recruiters can get you connected with creative problem solvers and experts on cyber threats.
The Best IT Recruitment Agency in Toronto | About Live Assets | IT Staffing Solutions
Live Assets is a boutique IT Staffing/Recruiting firm specializing exclusively in building IT teams of excellence for the Information Technology sector.
We are a small, but productive team that works closely together and has had a 96% success rate for the past number of years!
We have a diverse number of clients and industries and focus on both full-time and contract I.T. opportunities.
You can find out more about our company on LinkedIn – Twitter – Facebook –Youtube – Glassdooor