The writer is a professor at Tufts and author of ‘Cyberinsurance Policy’
Who is to blame for the CrowdStrike software outage that took down millions of computers across every industry sector all over the world last week? As is often the case with cyber security incidents, there’s plenty of blame to go around. CrowdStrike failed to properly vet the channel file it pushed out to its customers, crashing their Windows computers, and it also appeared to roll out that file to everyone all at once, rather than starting with a small number of customers to identify any problems before releasing the update widely.
Meanwhile, Microsoft let CrowdStrike and other third-party developers have kernel-level access to its Windows operating system. The kernel of an operating system has control over the entire computer. Without that level of access, the CrowdStrike update would probably not have had the same impact. It would certainly have been easier to fix, without the need to manually reboot all the affected systems.