It has been an absolute mess. The Friday past, as the beautiful but otherwise very humid morning gathered steam and I got on with ticking things off the to-do list, something very strange began to happen. Friends called to ask, and this was no coincidence – how do I fix my office laptop that has just crashed and is showing a blue screen. Not everyone is well versed with the charms of the Windows’ Blue Screen of Death, or BSOD. Bless them all. There was precious little troubleshooting I could do, since the common theme across was, all were laptops provided by their respective organisations. Access on these is quite restricted (you cannot even install or uninstall any apps, without an IT administrator password). Later as it turned out, these folks weren’t the only ones. Microsoft later confirmed, a buggy update rolled out by third-party cybersecurity company CrowdStrike, had rendered as many as 8.5 million PC globally, unusable.
Our extensive coverage on the great PC outage…
As this unfolded, everyone with a keyboard of some sort (a smartphone or a working PC, I’d assume) began to outrage against Microsoft. Instant reactions define the times we live in (As perhaps opposing thumbs? I don’t know). Little did anyone realise, it wasn’t Microsoft messing things up that led to 8.5 million PCs crashing around the world, in a few minutes. CrowdStrike had messed up that morning, with an update for its endpoint protection software (for enterprises, every single computing device that connects to their networks is an endpoint). Later it turned out that this update added a file that was full of zeroes to the Windows system directory, which led to PCs being knocked offline and BSOD-ing. Affected were the organisations who’d purchased CrowdStrike’s subscription for PCs they have in their network.
A few days have since passed, and there is now greater clarity on what went wrong. More important, a better understanding of how IT infrastructure needs to improve. No, data localisation led patriotism isn’t exactly the solution in this case, just in case you were wondering. Here’s a snapshot of what needs to change with how IT departments approach things now.
- The weakest link in the chain proved to be a security software, categorised as endpoint protection. The scale of this outage may well illustrate a need for enterprises to stress-test their infrastructure, including placing fail safes.
- “The inconvenience caused by the loss of access to services for thousands of people serves as a reminder of our dependence on Big Tech such as Microsoft in running our daily lives and businesses,” Jake Moore, who is a Global Cybersecurity Advisor at security company ESET, pointed out.
- By incorporating fail-safes and redundancy into system architectures, there can be a certain resilience to any organisation’s digital infrastructure. Even more important, for critical services.
- Could an indigenized security solution, if that were to be deployed by IT departments in Indian companies, helped cushion the impact?
- There’s a need to be less reliant on a handful of solution providers.
The contours of fallout of the PC outage are still being drawn. It may be some time before the bill of losses really gets totalled up.
IMMORAL
Turns out, opportunistic scammers didn’t waste any time in trying to take advantage of the PC outage. Cybersecurity giants McAfee shared some data with me, and it is very worrying. More so, because the end result of these unconventional methods is familiar – a financial scam. Scammers are now going around calling unsuspecting folks, asking for their bank login credentials or OTPs (one-time passwords to authenticate), citing the outage as a hurdle in completing some process that’s a figment of the imagination.
“Consumers may be vulnerable to voice or message scams claiming to be their bank calling with an issue related to the outage and asking for login credentials or personal information such as social security numbers,” Steve Grobman, who is Executive Vice President and Chief Technology Officer at McAfee, summarises this perfectly.
The good habit rules remain the same – do not share your login details or passwords with anyone over a phone call, email or message. Genuine bank representatives do not ever ask for your account credentials over a phone call, for instance. If someone does, that’s an immediate red flag. Do not try unfamiliar third-party apps to try and access your bank accounts or to transfer money. If you do notice any unfamiliar activity or access attempts for any of your accounts, immediately report to the bank or fintech platform, and in parallel, switch to a stronger password or authentication.
GENERATION
Sooner or later, you’ll be tempted by a foldable phone. It is a fact. This past week, Samsung did whatever it needed, to reassert its foldables supremacy. Now in the sixth generation (that itself is a testament to Samsung’s persistence), the Galaxy Z Fold6 makes subtle improvements, contrary to a wholesale change you’d probably have otherwise expected. Important improvements too, such as a redone hinge that adds more reassuring strength to the act of folding and unfolding the foldable (I know, you’re grimacing!). The cover screen is slightly larger and a bit more usable. Samsung’s work with Qualcomm continues to bring customised chips to Galaxy phones, which in this case prove important, as the Galaxy AI suite gets the limelight.
As I’d noted, this is perhaps going to be the toughest any Galaxy foldable generation has had till now, to convince early adopters. Competition is finally figuring out its game. But do we have a comprehensive foldable phone yet? The OnePlus Open has a likeable personality and the software smarts such as Canvas figure prominently. The Vivo X Fold3 Pro has perhaps the best camera among all foldables, but you really must work on the software before it truly works the way you’d want it too. In that scenario, Samsung’s lack of improvement with the Galaxy Z Fold6’s cameras can be more than forgiven, because all things considered, it is perhaps doing the best balancing act across software, hardware and utility. Still some way to go, but you’re getting there.
FORWARD
The one thing I’m really looking forward to, is the Google hardware event next month. Expected at the next line-up of Pixel phones (likely the Pixel 9 series, but we can never be certain, can we?), and if Google India’s posts on X these past few days are anything to go by, even the next Pixel foldable may be arriving in India. Unlike its predecessor. That is always a good thing. Pricing, arguably, hasn’t been Google’s strongest point with Pixel phones in the previous couple of years. My opinion is, a more attractive price point, would go a long way in getting more potential buyers on-side.
Alongside, another hardware that’s expected is a streaming device. That has my attention. Google’s Chromecast streamers over the years have led the way in terms of the Google TV experience and most certainly held its own against the Amazon Fire TV family competition in most markets. It is believed that if announced, the next Google streamer will ditch the HDMI-led design to a more set-top box form factor. Which means, it’ll sit beneath or in front of the TV, instead of hiding behind it. I’d like that. In fact, have always preferred that. Ever since the late 2000s when Western Digital appealed to the entertainment buffs amongst us, with their then excellent WD TV streamers. One after the other, each better than the predecessor. In fact, there was even one with internal storage, for saving media from external drives to the local storage. I get ahead of myself. We’ll wait for August 13.
