According to The Guardian, the Crowdstrike outage crashed an estimated 1% of all Windows PCs worldwide—or about 8.5 million—and is estimated to have cost the US Fortune 500 USD $5 billion.
We asked you, Planet Mainframe readers, to share your thoughts on the Crowdstrike outage that grounded flights, eliminated 911 emergency services, knocked banks and hospital systems offline, and took media outlets off air.
Here’s what you said.
Schadenfreude Humor
Faced with disaster, one thing is sure to emerge—dark humor. You may have already enjoyed the oodles of jokes, memes, GIFs, and comedy gold punchlines, but if not, here’s your daily dose of LOL: Crowdstrike Memes from LowEndBox and Our Favorites from Qsae.
“I’ll buy very good popcorn to watch the hearing. Maybe a BBQ is on point. Or a roast.” -FF
“Malfunction. Need input.” – Johnny 5, via Mike S
Advice
“PCs didn’t replace mainframes; they became the input devices. And with a bunch not working, less work was done. Lynx / TN3270 clients are very lightweight. Put them on Chromebooks!” – Mike S.
“George Kurtz was the CTO of McAfee when, in 2010, they caused a similar massive outage due to bad sigs. The guy resigned in 2011 and founded ClownStrike, and here we are again 13 years later. He should resign.”
Resiliency Plans, Anyone?
“I think the biggest issue with what happened is how so many organisations can be reliant on a single point of failure. Surely, CrowdStrike or their clients should have resiliency plans in place that allow them to dynamically switch to an available service or server at a moment’s notice when such an error occurs.
I know that in the mainframe space, we as technicians have been charged with this mission statement for years: Where’s your backup? What happens if something goes wrong? Back in the day, we called this Component Failure Impact Analysis (CFIA).
How can a software change at a service provider cause so many issues? CrowdStrike should have been able to point their clients at an alternative service that hadn’t been patched/updated. The techniques we use in the mainframe world work just as well for other technologies.
When we make changes, we have two copies of the software, both of which have been tested and signed off as valid. We apply the maintenance to CopyA and dynamically load the changes to the system. Only when the change has been proven do we apply the maintenance to CopyB.
If issues are found with CopyA, we can dynamically change to CopyB the unpatched version. This, for a mainframe technician, is best practice and pretty much a standard operating procedure. If changes cannot be made dynamically, we may have to IPL (reboot) the mainframe, but with good automation processes, this can be done quickly. – Mark W.
Poor PR Performance
Corporate crisis communications plans, teams, and protocols exist. Yet somehow, CloudStrike didn’t get the memo.
Among its PR snafus, Crowdstrike sent its partners a USD $10 Uber voucher and a note of thanks. “Dear Crowdstrike Partner,” it began, “To express our gratitude, your next cup of coffee or late night snack is on us! Access your UberEats credit by using code XXX…”
CrowdStrike spokesperson Kevin Benacci confirmed to TechCrunch that the company sent the gift cards. However, not only was it a case of too little, too late, but users encountered error messages at the point of redemption.
Benacci said in an email, “We did send these to our teammates and partners who have been helping customers through this situation. [But] Uber flagged it as fraud because of high usage rates.” Another example of untested technology?
Fallout Boy
The immediate crisis may be receding, but the fallout continues.
CrowdStrike stock reached a high of USD $398 within the past year but is now trading at USD $215 per share.
Plymouth County Retirement Association, a pension fund, filed a class action suit, arguing that CrowdStrike misled investors by attesting that the company’s technology was “validated, tested and certified.”
Delta CEO, Ed Bastian, said that the disaster cost the airline $500 million, and that it would likely take legal action for damages.
What’s Next
Do you have any predictions for how the September Fal.Con 2024 event, themed “The future of cybersecurity starts here,” will go? What about the company’s cringe, “We stop breaches” as a tagline? Will George Kurtz remain at the helm?
Share your predictions and reactions with pberryman@planetmainframe.com.
Penney Berryman, MPH (she/her), is the Content Editor for Planet Mainframe. She also writes health technology and online education marketing materials. Penney is based in Austin, Texas.
Connect with her on LinkedIn.
The CrowdStrike Caper! Embrace the mainframe
Why Reliable Tech Never Goes Out of Style?
Security and reliability aren’t sold in the app store. They come standard with a mainframe.
Remembering the recent “CrowdStrike breach” situation that we had? Yeah, a bit of an oopsie, wouldn’t you say? All that “cutting-edge” of open system couldn’t keep the bad guys out. But hey, at least their servers looked sleek, right?
Imagine this: while your precious cloud server struggles to handle a Black Friday sale, a mainframe is calmly processing enough transactions to power a small country. Forget about those “server overload” error messages. Mainframes are the Michael Jordan of computing – they just don’t quit.
Shiny Doesn’t Always Mean Secure: Open systems might look flashy, but security-wise they’re about as dependable as a toddler with a box of matches. Remember the CrowdStrike fiasco? Let’s be clear, it wasn’t a cyberattack, but a faulty update gone rogue. A tiny glitch in their Falcon sensor for Windows brought down systems worldwide, including those on the mighty Microsoft Azure. Talk about complexity and risk! Mainframes, on the other hand, are built for stability. They’re the Fort Knox of computing, keeping your operations safe and sound.
The recent CrowdStrike update aimed at fortifying Microsoft systems backfired in spectacular fashion, grounding flights, crashing broadcasts, and turning supermarkets into cash-only zones.
But wait!
While the new and shiny were glitching out, reports say the old guard – those CICS systems running on the mainframes for online mall marketing and airline ticketing – sailed through the storm unscathed. Makes you wonder, could these old-timers, built on a simpler foundation, be surprisingly good at dodging certain software gremlins that trip up their modern cousins?
So, the next time you’re tempted to trust your mission-critical data to some other service, take a deep breath and remember: mainframes are the ultimate grown-up solution. Ditch the trendy tech toys and embrace the timeless power of a platform trusted by the Fortune 500.
Unless, of course, you enjoy a good blackout -syndrome!
But wait, there’s more!
While you’re busy fiddling with your temperamental opens system cloud servers, here’s what the grown-ups are doing:
IBM z Systems are handling a cool 400 million retail transactions every single day. That’s right, millions. With an “m.” Like a real number, not some measly amount your any other servers can barely handle on a good day.
Ever booked a flight online? Chances are, 90% of those airline reservations were powered by rock-solid CICS online systems on mainframes. You’re welcome for the smooth sailing (or, you know, flying) experience.
The “CrowdStrike Caper”? Yeah, their fancy cloud servers went belly-up like a cheap inflatable pool toy, almost bringing the entire world to a standstill. Meanwhile, mainframes are like the inflatable T-Rex costume you see at car dealerships – big, bold, and virtually indestructible.
The point? Don’t trust your mission-critical applications to any servers that are one glitch away from disaster. Mainframes are the grown-up solution for grown-up businesses. It’s time to ditch the trendy tech toys and embrace the timeless power of the mainframe.
The real tragedy? The poor souls who strayed from the path of mainframe righteousness. Imagine having your entire online ticketing system go down because, oh no, Windows decided to take a nap! Pathetic.
Mainframes, on the other hand? They run on z/OS, a legendary operating system with a mythical reputation for… zero downtime. Yeah, you heard that right. Zero. Downtime. Ever.
So, before you get lured in by the siren song of open systems, take a long, hard look at your priorities. Do you want something flashy and potentially risky, or do you want the reliable workhorse that’s been powering Fortune 500 companies for decades? The choice, as they say, is yours. But choose wisely, because a data breach is a terrible thing to waste.
Take a long, hard look at your priorities.
Maybe it’s time to re-evaluate the power of “if it ain’t broke, don’t fix it”.
Captain Uday Prasad
A MAINFRAME Evangelist
ZEDINFOTECH
Disclaimer: This information reflects my own perspective and is meant to be thought-provoking, not professional IT advice. No offense intended.