
International News Read-Along Ep.K827: CrowdStrike Update Causes Global Microsoft Outage

Global IT Meltdown: CrowdStrike Update Causes Widespread Computer Crashes

August 4, 2024


Highlights:

  • A single software update from CrowdStrike caused a global IT meltdown, affecting millions of Windows computers and highlighting the fragility of our interconnected digital systems.
  • The incident impacted various industries worldwide, from airports to broadcasting, demonstrating how dependent modern society has become on technology and its vulnerability to disruptions.
  • While CrowdStrike responded quickly, the scale of the problem made it challenging to implement fixes, prompting organizations to reassess their reliance on single-point software solutions.

On July 19, 2024, a routine software update from cybersecurity company CrowdStrike led to a worldwide IT breakdown, affecting millions of Windows computers. The incident, which caused chaos across various industries, stemmed from a single coding error in the company's Falcon sensor program. This article explores what happened and its impact.

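On July 19, 2024, a routine software update from cybersecurity company CrowdStrike triggered a global collapse of IT systems, affecting millions of Microsoft Windows computers. The incident stemmed from a coding error in the company's Falcon sensor program and caused chaos across all kinds of industries. This article looks at how the incident unfolded and how far its impact reached.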

The trouble began when CrowdStrike released a sensor configuration update for its Falcon program, a cloud-based cybersecurity tool used by many businesses and organizations. The update, intended to enhance protection against cyber attacks, contained a "logic error" that resulted in Windows systems crashing. Users across the globe reported seeing the infamous "Blue Screen of Death" and experiencing reboot loops, rendering their devices unusable. The problem affected Windows version 7.11 and above, while Mac and Linux systems remained unaffected. This type of update was routine for CrowdStrike, with multiple releases occurring daily since the program's launch.

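The problem began with a sensor configuration update that CrowdStrike released for its Falcon program. Falcon is a cloud-based cybersecurity tool widely used by businesses and organizations of all kinds. The update was meant to strengthen protection against cyber attacks, but a "logic error" caused Microsoft Windows systems to crash. Users around the world reported running into the widely loathed "blue screen" and getting stuck in reboot loops that left their devices unusable. The problem affected Windows version 7.11 and above, while Apple's Mac and Linux systems were unaffected. For CrowdStrike this kind of update is routine, released several times a day since the program launched.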

The impact of this IT outage was felt far and wide. Airports faced operational challenges, supermarket check-outs malfunctioned, and journalists struggled to report on the very issue causing havoc. Major organizations, including Sky News, were unable to broadcast, highlighting the severity of the situation. Planes were grounded in the U.S., trains in the U.K. were impacted, and boarding scanners at Edinburgh airport in Scotland faced issues. The incident serves as a stark reminder of how dependent modern society has become on technology and how vulnerable we are to widespread disruptions.

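The impact of this IT failure was extremely broad. Airports faced operational challenges, supermarket checkout systems failed, and journalists had difficulty reporting on the very event that was causing the chaos. Large organizations, including Sky News, were unable to broadcast, underscoring how serious the situation was. Planes in the United States were grounded, trains in the United Kingdom were affected, and boarding scanners at Edinburgh airport in Scotland also had problems. The incident is a sobering reminder of how heavily modern society depends on technology and how vulnerable we are to large-scale disruption.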

CrowdStrike responded swiftly to the crisis, acknowledging the issue within an hour of the first reports. By 5:27 AM UTC, the company had pushed out an update to replace the flawed configuration files. However, many users continued to experience problems for hours after the initial crash. CrowdStrike CEO George Kurtz confirmed that the issue was not a cyberattack but rather a defect in a content update. The company provided a manual fix for affected systems, which involved deleting a specific file in the Windows directory. However, applying this fix at scale proved challenging for large organizations with thousands of affected devices.

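CrowdStrike responded quickly to the crisis, acknowledging the problem within an hour of the first reports. By 5:27 AM UTC, the company had pushed out an update to replace the defective configuration files. Even so, many users kept running into problems for hours after their systems first crashed. CrowdStrike CEO George Kurtz confirmed that the problem was not a cyberattack but a defect in a content update. The company provided a manual fix that requires deleting a specific file in the Windows directory. For large organizations with thousands of affected devices, however, applying that fix broadly was challenging.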

Experts in the field, such as Ajay Unni from StickmanCyber and Mark Jones from Tesserent, commented on the situation. They explained that while the rollback of the configuration update seemed to be working, deploying it through entire systems like servers and multiple desktops would take hours. The incident highlighted the complexities of managing large-scale IT infrastructures and the potential for small errors to cause significant disruptions. As businesses and organizations recovered from this unexpected IT meltdown, many were left reassessing their dependency on single-point software solutions and the need for more robust contingency plans in an increasingly digital world.

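Industry experts such as Ajay Unni of StickmanCyber and Mark Jones of Tesserent commented on the incident. They explained that although the rollback of the configuration update appeared to be working, deploying it across entire systems, such as servers and multiple desktop computers, could take hours. The incident highlighted the complexity of managing large-scale IT infrastructure and the risk that a small error can cause a major disruption. As they recovered from this unexpected IT meltdown, many businesses and organizations began to reassess their dependence on a single software solution and to recognize the need for stronger contingency plans in an increasingly digital world.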

Keyword Drills:

  1. Infamous (In-fa-mous): Users across the globe reported seeing the infamous "Blue Screen of Death" and experiencing reboot loops, rendering their devices unusable.
  2. Operational (Op-er-a-tion-al): Airports faced operational challenges, supermarket check-outs malfunctioned, and journalists struggled to report on the very issue causing havoc.
  3. Malfunctioned (Mal-func-tioned): Airports faced operational challenges, supermarket check-outs malfunctioned, and journalists struggled to report on the very issue causing havoc.
  4. Havoc (Ha-voc): Airports faced operational challenges, supermarket check-outs malfunctioned, and journalists struggled to report on the very issue causing havoc.
  5. Cyberattack (Cy-ber-at-tack): CrowdStrike CEO George Kurtz confirmed that the issue was not a cyberattack but rather a defect in a content update.

 

Reference article:

1. https://www.abc.net.au/news/2024-07-20/what-happened-crowdstrike-global-outage-explainer/104122582

2. https://www.forbes.com/sites/kateoflahertyuk/2024/07/19/crowdstrike-windows-outage-what-happened-and-what-to-do-next/