SCOTT SIMON, HOST:
World recovers today from global technology outage. The cybersecurity company CrowdStrike said the problem was in a software update it delivered to Microsoft's Windows systems. NPR's cybersecurity correspondent Jenna McLaughlin joins us. Jenna, thanks for being with us.
JENNA MCLAUGHLIN, BYLINE: Of course, Scott.
SIMON: How much havoc?
MCLAUGHLIN: Just yesterday, we saw thousands of flight delays around the entire world, cancellations of nonemergency surgeries. There were outages for 911 emergency services. I'm actually in Aspen, Colo., for a family trip. The local public radio station had some issues broadcasting, but they pulled it off. I'm flying back home to D.C. today and hoping things are a little less chaotic.
SIMON: Well, good luck. Have we seen anything like this before?
MCLAUGHLIN: In some ways, sure. I cover cyber incidents all the time. Sometimes it's a technical error - it takes down a website for a few hours. Other times it's more malicious. Nation-state hackers can wipe computers or steal data. Or even more commonly, cybercriminals are looking to make money through ransomware attacks, for example. But in this case, the number of different companies impacted is just so massive. I'm not sure that I've seen this before.
SIMON: How can one mistake have such a far-reaching impact?
MCLAUGHLIN: It's basically because of the unique position that CrowdStrike is in. It's one of the top cybersecurity vendors. It's worth billions, though its stock dropped a bit yesterday. So monitoring software has a very deep level of access to machines. They have that so that they can monitor everything happening on the devices to sniff out potential bad actors. But in part because of that access, Scott, the way the software interacts with the Windows operating system, one error in a routine automatic update crashed servers all around the world.
I talked to Andy Ellis about this. He's an expert who led security at the cloud company Akamai for 20 years. And he said that his team always worried about hackers, but they were really worried about mistakes like this one. He said he went through something really similar at Akamai.
ANDY ELLIS: In fact, 20 years ago two months ago. And we spent years going through and hardening all of our systems because it was hard for - it would have been hard for an adversary to inject, but we were far more worried about just accidental injections that we might do.
MCLAUGHLIN: By injections, he means lines of additional code that change the way the program works or causes it to stop working. Now, CrowdStrike has pushed out a fix, and many clients are back online, but people are not likely to forget just how disruptive this was.
SIMON: Doesn't appear to have been an attack, Jenna, but is this a wake-up call about - for how vulnerable tech systems can be?
MCLAUGHLIN: Absolutely. You know, it doesn't take a skilled hacker to get this done, just a slip-up. In this case, it's probably a good idea for more testing of security updates before they go live. More broadly, I've talked to a lot of cybersecurity experts who argue we need to get a better sense of what is critical when it comes to software. Just recently, we saw the entire health care industry disrupted for weeks because the digital payment platform got hit with a ransomware attack. We need to prioritize protecting these things like health care. Otherwise, this is going to keep happening.
SIMON: NPR's Jenna McLaughlin. Thanks so much.
MCLAUGHLIN: Thank you. Transcript provided by NPR, Copyright NPR.
NPR transcripts are created on a rush deadline by an NPR contractor. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.
