Mint Primer: Tech blackouts and the need for total protection
- As a growing number of systems become dependent on a handful of tech service providers, can we be completely insulated from blackouts?
Last Friday, a global tech blackout spread like wildfire, bringing down airports, hospitals, banks, etc. This wasn’t the first blackout. But as a growing number of systems become dependent on a handful of tech service providers, can we be completely insulated from blackouts?
Why could blackouts happen again?
Technology blackouts happen due to human errors—faulty snippets of code, or a wrong update pushed to an IT framework. Due to the very nature of tech, daily minor updates are key, as are monthly or fortnightly maintenance updates. While tech firms put updates through a testing process to check for bugs and issues, there can always be unexpected or unknown bugs in these updates. Cyberattackers also actively exploit such bugs, leaving the scope open for a massive-scale blackout taking systems down worldwide. This vulnerability in the core nature of technology makes blackouts potentially repetitive.
Can you truly be insulated?
Theoretically, no. But it is possible to keep yourself reasonably resilient. Advanced users often do critical work offline—in case of faulty updates or a cyberattacker trying to gain access, their device is siloed from all networks until the said work is completed and saved on an external, offline storage device. Even when online, one important thing is to not enable auto-updating of software in the background as you work. Another good practice is to try using multiple devices based on different software platforms—even if one goes down, it’s unlikely that every system will crash at the same time.
How about managed devices in enterprises?
You will have less control on your work devices, since these are typically managed by the IT departments of your workplace. In many cases, critical data is not allowed to be stored in unauthorized external storage devices. However, IT managers ought to prevent background updates during work hours, and have outsourced cybersecurity teams monitoring data flow.
Also read | Microsoft says CrowdStrike’s update affected 8.5 million Windows devices
What about solar flares and cyberattacks?
The biggest cyberattackers exploit undiscovered flaws in software— called “zero-day hacks". There is a constant battle between ethical and malicious hackers on trying to discover zero-day vulnerabilities. Usually, malicious hackers get there first. Examples include the ‘WannaCry’ malware that hit global IT systems in 2017. Three months ago, a bug in a Linux operating system almost exposed millions of critical systems. These are unavoidable. Solar flares, too, can potentially black out Internet infrastructure globally.
Are private networks always safer?
Yes and no. An airline can, theoretically, use a private network that is siloed from the rest of the Internet for flight status and timing. However, such silos will have to communicate with other airlines, in-transit aircraft and air controls—which makes operating a siloed private network impractical. The same applies to banks, which need to communicate across national and international units. Hospitals may fare better since they’re siloed by nature. Private networks are easier to control, but aren’t immune.
Also read | Byju’s bankrupt: Is the edtech crisis deepening?
topics
