news

한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina

Last week's massive Windows system outage caused varying degrees of economic losses to industries around the world. According to a CNN report on the 21st, Patrick Anderson, CEO of the Anderson Economics Group, an American research institution, estimated that the economic losses caused by this incident are likely to exceed $1 billion.

Anderson said that the recent hacker attack on Hidikai Global, a software company that provides services to US car dealers, which caused $1 billion in losses to its customers, affected only one industry, while the Microsoft outage "affected far more customers and businesses, ranging from inconvenience to severe disruption, resulting in irreparable losses."

Previously, due to an error in the "CrowdStrike" security software upgrade program equipped with Microsoft's Windows system, system downtime occurred in many parts of the world starting from the evening of the 18th Greenwich Time, affecting industries such as transportation, finance, medical care, and hotels, causing serious interference to many companies and individual users, and even some systems of the Paris Olympics were affected.

Microsoft said on the 20th that about 8.5 million Windows devices were affected. Crowdstrike said on the 21st that a large number of these devices have resumed normal operation. However, professionals warned that it will take a long time to smooth out the impact of this error on various industries.

The downtime caused particularly severe losses to the aviation industry, resulting in the cancellation of thousands of flights and the delay of tens of thousands of flights worldwide, with a large number of passengers stranded at airports. The latest data from the US flight tracking website showed that another 1,461 domestic and international flights in the United States were canceled on the 21st, with Delta Airlines and United Airlines being the hardest hit.

Delta Air Lines, headquartered in Atlanta, Georgia, canceled about 1,000 flights scheduled to take off on the 21st, equivalent to more than a quarter of the scheduled flights, and delayed about 1,700 flights, with a delay rate of 46%. In the previous two days, Delta Air Lines and its subsidiaries operating regional routes in the United States had canceled about 3,500 flights.

According to data from aviation data analysis agency Rise, the flight cancellation rate of US airlines on the 20th was about 3.5%, only lower than that of their Australian counterparts. The flight cancellation rate in the UK, France and Brazil was about 1%, and the cancellation rate in Canada, Italy and India was about 2%.

European routes and airport operations are slowly returning to normal. Lufthansa and its European airlines have canceled dozens of flights, but basic services have been restored. The German Federal Information Security Agency said on the afternoon of the 20th that the situation in most areas of Germany affected by the outage is stabilizing, but a large number of companies are still affected by the aftermath of the outage.

Although the program error has been corrected, its impact is so widespread that it will take some time for the disrupted order in various industries to return to normal. Cybersecurity agencies remind the public and businesses to be careful of criminals taking advantage of the opportunity to cheat and steal data.

The incident was mainly caused by an error in the upgrade of a security software program equipped with the Windows system. It is unclear whether the software developer "Zhongji" will pay for the related losses. Although "Zhongji" has apologized, it did not respond to CNN's inquiry on whether it will compensate affected customers.

Dan Ives, a technical analyst at Wedbush Securities, believes that this incident will trigger a large number of lawsuits. "If you are a lawyer for CrowdStrike, you probably won't have a good summer." However, James Lewis, a researcher at the Center for Strategic and International Studies, believes that there may be an exemption clause in the contract signed between CrowdStrike and its customers, which can help it avoid compensation.

Ives believes that Zhongji's customers will not necessarily abandon the company because of this incident, as switching to other service providers may not be more beneficial, but the damage this incident has caused to Zhongji's reputation is self-evident, making it difficult for it to attract new customers in the future.

In addition, according to media reports, a Microsoft spokesperson said in an interview that the EU's restrictions were one of the reasons why it was unable to lock the Windows system, which in turn caused this global blue screen incident.

Microsoft is required by a 2009 agreement with the European Union to grant security software developers equal access to the Windows kernel, a policy that allowed security software like CrowdHit to perform extremely complex operations, leading to widespread blue screen of death problems.

A Microsoft spokesperson said that while the company hopes to further lock down the operating system to improve security, the EU's requirements make this difficult to achieve. Microsoft said that if the kernel can be locked, it will significantly reduce the number of blue screens of death caused by third-party software.

Under the agreement, Microsoft is obliged to open the APIs in Windows client and server systems used by its security products to third-party security software developers and record these APIs on the Microsoft Developer Network so that security software developers can access them.

However, the cost of this policy is reduced system security, and the "Zhongji" blue screen crash incident is a manifestation of the consequences of this policy.

Beijing Business Daily Comprehensive Report