Global Cyber Meltdown Hell
Posted July 19, 2024
Chris Campbell
Reporting from Savannah, Georgia…
Hell is real.
It may appear in many forms to many different people.
But one of those forms is - without doubt - a halted TSA line where an infinite number of bosses look at a bag, scratch their chins, and call their bosses to look at that same bag. Forever.
Yesterday, a woman had some suspicious stuff in her luggage. So suspicious, in fact, they stopped everything and scrambled the boss brigade.
She was right in front of me.
(So close.)
One TSA agent called his boss, who then came, scratched his chin, then called his boss. His boss came, took a look, called his boss, and so on. We had five levels of bosses involved before anyone even moved the bag.
Meanwhile, mind you…
I’m standing next to the scanner machine - closest to the bag - with nowhere to go.
When they finally had an underling pull it out of the machine and place it carefully on the table, they all gathered around it like a group of teenage boys staring at a rattlesnake.
Yeah, you guessed it: They were waiting for directions from yet another boss. I think we were at seven boss’ bosses at this point.
Finally, someone took a deep breath and unzipped the bag.
He fished out a half-filled metal flask and a battery pack, holding them between two fingers like dead rats strapped to dynamite.
Behind me, the line kept growing longer, all watching the scene play out.
The bosses scratched their chins thoughtfully. They told an underling to put them through the machine again.
Turns out - gasp - it was in fact a flask and a battery pack.
Perhaps I’m being dramatic.
Turns out, I got lucky after all.
Unbeknownst to all of us, an even bigger security threat was brewing - this one from the deep pits of the interwebs.
Enter the global cyber airport meltdown hell, a rung much further down in Dante’s epic.
“IT’S ALL TOAST. ALL OF IT!”
“I got my first hand-written boarding pass today,” says Akshay Kothari.
Kothari, if you don’t know, is the co-founder of all-in-one workspace app Notion. He’s far from the only one who’s sat in airport purgatory today for hours on end.
It’s only been a few hours and they’re already calling it one of the biggest IT outages… ever.
First thing to know: be on guard for the next week or so. Hackers and criminals will try to use this to trick you. They’ll pretend to be IT professionals who want to help you.
Second thing to know, this outage happened because the Internet is broken.
After all…
How is it that airlines, banks, media, payments, emergency systems and healthcare can all go down at once - all around the world?
The answer:
People don't usually care about upgrading their tech until it blows up in their faces and costs them a fortune.
Whether this latest fiasco was an attack or just incompetence, it’s a stark reminder of how fragile our connected world is.
But this deserves nuance.
The Worst of All Worlds
As much as I rage against centralized systems in these digital leaves…
CrowdStrike, the apparent cause for the outages, is in fact a distributed (decentralized) system.
It employs a cloud-based platform, CrowdStrike Falcon, which leverages a combination of endpoint protection, threat intelligence, and threat hunting capabilities.
The system processes massive amounts of data weekly and relies on a distributed network of agents and cloud instances to monitor and respond to security threats in real-time.
BUT, here’s the problem:
That distributed network of agents is 100% reliant on a centralized client.
This is actually the worst of both worlds when disruptions inevitably happen. A complex distributed system that hinges on one client is even riskier than a 100% centralized one.
It's just as easy to crash but a nightmare to revive.
This goes to show: You can’t have one foot in the door and one foot out.
Cryptographers to the Rescue
As the Internet gets more complex, distributed systems are going to become more necessary - and they can’t rely on siloes to keep them going.
The grandfathers of the Internet - with the development of the ARPANET - understood this. They were tasked with creating a communication system that could withstand nukes and keep going.
In this week’s Early Stage Crypto Investor, we published a report on one crypto project helping to turn the Internet right side up.
And, to boot, they have the attention of several top government agencies - including the USAF and DoD.
I’m calling it the “Stovepipe Slayer” - and it’s among many under-the-radar crypto projects in our portfolio.