EXPERT Q&A — The world continues to recover from the global internet outage that hit Microsoft systems due to a problem with a single software update carried out by the CrowdStrike cybersecurity company. In the wake of the incident, government officials, experts, and the millions of people affected by the outage are raising concerns about the risks and vulnerabilities of life and work in this interconnected digital age.
The Cipher Brief tapped Michael Chertoff, former Secretary of the Department of Homeland Security and a Cipher Brief expert, to discuss the outage, the broader vulnerabilities, and how malicious cyber actors may respond.
This interview has been edited for length and clarity.
The Cipher Brief: Can you lay out the basics of what happened here?
Chertoff: It looks like there were two issues that were distinct. One is, apparently (Thursday) night Microsoft experienced an outage caused by a configuration issue that interfered with internal connectivity. And then on top of that, CrowdStrike launched a software update that turned out to be faulty and caused the systems that received the update basically to shut down. And so you had two issues. One was a configuration issue at Microsoft and one was a faulty update. And it reminds us that when we talk about securing and protecting our networks, it’s not just the endpoints and the internal network, but it’s the supply chain that supports what we do, it’s the relationship within the network among the various nodes. And all of these things are part of what we need to be concerned about from a security and resilience standpoint.
I think there is a concern that as we get more and more dependent on complex IT systems, the points of vulnerability multiply. In early 2023, because of a mistake that occurred with someone operating the FAA computers, they shut down and the aviation system shut down for a while. And we’ve become so dependent on using cyberspace as a way of controlling our physical activities, and not just information, that increasingly we see that even an innocent error can cause a ripple effect across a whole number of different infrastructures.
The Cipher Brief: In a case like this, is it quickly known whether it is malicious activity from a bad actor?
Chertoff: I think in this case, once CrowdStrike analyzed the update, it may become perfectly obvious that it was an internal mistake or something that wasn’t properly tested. So I don’t think you can generalize, but clearly the first thing you look at is what is the exact nature of the exploit that caused the problem? And does it look like something that was generated internally through a mistake, or does it look like somehow somebody infiltrated and wound up putting it into the system?
And of course, CrowdStrike is itself a cybersecurity company. So they’re well equipped to detect if there was a security issue, and they would obviously need then to make that public.
The Cipher Brief: Will bad actors see new windows of vulnerability from this incident?
Chertoff: I’m sure there’ll be those who, particularly as this is still working its way through the process, there may be bad actors that seek to exploit the opportunity to infiltrate their own malware. So for example, one thing we need to warn people about is, if you wind up with somebody contacting you and saying, “I can fix your problem,” you better validate that the person really is able to and wants to fix the problem, and they’re not operating a false flag or a version of phishing where they’re offering you a solution that actually compounds the problem.
The Cipher Brief: What message do you have for those impacted by this incident? What should they be concerned about going forward?
Chertoff: I think it’s a reminder about the importance of resilience. As convenient as it is, sometimes, to rely on online methods of managing your finances, your health care and everything, realize that if you create a single point of vulnerability or weakness, then you could find yourself laboring under a real burden. So for things that are of critical importance, having a backup is kind of a clever way to deal with the problem of a single point of failure.
I would say just be aware that the more you rely on online systems, the more you need to make sure you have a Plan B. And when you do wind up furnishing or receiving an update, make sure the entity providing it has tested it adequately in live situations, so that you have a degree of confidence. It’s been tested. Just like you wouldn’t want to go into a grocery store and buy food if you didn’t know that the store was being regulated and the food provider was supposed to test the quality of the food.