One Nation Mostly Unaffected by the Crowdstrike Outage: China

The BBC reports that "while most of the world was grappling with the blue screen of death on Friday," there was one country that managed to escape largely unscathed: China. The reason is actually quite simple: CrowdStrike is hardly used there. Very few organisations will buy software from an American firm that, in the past, has been vocal about the cyber-security threat posed by Beijing. Additionally, China is not as reliant on Microsoft as the rest of the world. Domestic companies such as Alibaba, Tencent and Huawei are the dominant cloud providers.

So reports of outages in China, when they did come, were mainly at foreign firms or organisations. On Chinese social media sites, for example, some users complained they were not able to check into international chain hotels such as Sheraton, Marriott and Hyatt in Chinese cities. Over recent years, government organisations, businesses and infrastructure operators have increasingly been replacing foreign IT systems with domestic ones. Some analysts like to call this parallel network the "splinternet".

"It's a testament to China's strategic handling of foreign tech operations," says Josh Kennedy White, a cybersecurity expert based in Singapore. "Microsoft operates in China through a local partner, 21Vianet, which manages its services independently of its global infrastructure. This setup insulates China's essential services — like banking and aviation — from global disruptions."
"Beijing sees avoiding reliance on foreign systems as a way of shoring up national security."

Thanks to long-time Slashdot reader hackingbear for sharing the article.

Two Nations . . .

[Kunedog]

Not a dupe, but the editors should be able to put one and one together:
https://it.slashdot.org/story/... [slashdot.org]

Re:Two Nations . . .

[ls671]

Brace yourself, next article will be about North Korea being unaffected! It just turned red on the firehose!

Re:

[93 Escort Wagon]

My Albanian friend has been lording this over me since Friday...

Re:

[nicubunu]

My Albanian friend has been lording this over me since Friday...

I am Romanian, so close to Albania but inside EU.... we were also affected very little, only outages reported were at airports.

Re:

[serafean]

Czech Republic. Almost didn't feel it in day to day society function.

Re:

[quonset]

I am actually pretty sure that majority of the world was unaffected.

Last number I saw was 8.5 million computers [bbc.com] were affected. Worldwide.

Some of them just happened to be used by the airlines which got the majority of the coverage.

/. must be using ...

[antdude]

... CrowdStrike! ;)

Chinese propaganda

[Compaq Disk Rereader]

Cool that we publish stories from long time slashdot reader and chinese propagandist hackingbear.
Check out his post history,

Homogeneity

[Baron_Yam]

>"Beijing sees avoiding reliance on foreign systems as a way of shoring up national security."

Homogeneity is great for support - when you have a fix for one system you have a fix for all. It is not so great for security - when one system is broken, they're all broken.

Disregarding the current climate in international politics and ignoring intelligence operations... just for regular business ANY nation, not just China, is unwise to put all its economic eggs in an American basket (or anyone else's) whether that basket is labelled Microsoft or Crowdstrike or whatever.

Re:

[tlhIngan]

Or how about the fact that in China, they probably don't run anti-malware software on a regular basis because that's not easily pirated?

China runs Windows a lot. They probably just rely on or disable the built in Windows Defender because it probably complains far too much about the pirated and cracked software containing tons of malware.

The problem was due to CrowdStrike, a (very) popular anti-malware software distributor, and not due to a Microsoft problem. China probably doesn't run anti-malware to begin

Re:

[VeryFluffyBunny]

Maybe they're unaffected because they're using the ultimate Microsoft update: https://www.kylinos.cn/ [kylinos.cn] It reliably removes all the malware in one go!

Re:

[AmiMoJo]

There are several domestic Chinese AV products on the market, and they have free versions. Even the paid ones are quite cheap.

China also has similar standards for IT security to everyone else, and insurance companies demand they are followed. The government obviously does too. They even have their own domestic CPUs that have China-specific security features, like versions of Ryzen parts with all the crypto and RNG hardware replaced.

I think they are quite serious about it.

Article misreads reason for outage?

[felixrising]

The article starts off talking about Crowdstrike, but then for some odd reason gets into 21Vianet being independent as some reason for isolating banking and aviation from global disruptions?! Makes no sense... It was Crowdstrike responsible, if that software isn't present, then you're golden. Of course, other AV vendors have also been the cause of wide spread OS crashes too.

Another largely unaffected country: North Korea.

[mmell]

I'm just making that up, but I'll bet I'm right. Just sayin'.

Re:

[backslashdot]

They need to get a computer first before worrying about it crashing.

Re:

[AmiMoJo]

Probably Russia too.

Also Japan doesn't seem to have been too badly hit, or South Korea. Does Crowdstrike not have major operations there?

Feels like some places are a distant world

[mukundajohnson]

I worked for company with nearly 100 products. I talked to admins from all over the world but I only vaguely remember one company from China.

Re: Without access to 70% of the internetz,

[dwater]

70%. Where did you get that number from?

why?

[nyet]

why would anyone in china be dumb enough to voluntarily install a US controlled malware rootkit?

Re:

[VeryFluffyBunny]

In China, they've issued an update that removes Microsoft rootkits & all other malware in one go: https://www.kylinos.cn/ [kylinos.cn] Apparently, it works rather well.

Re:

[dunkelfalke]

Not all the other ones, just the ones not sanctioned by the party.

Re:

[itsme1234]

why would anyone in china be dumb enough to voluntarily install a US controlled malware rootkit?

Why would anyone anywhere for that matter, except the usual reasons: somebody knows somebody and we "need" to buy this, "it would be a pity if something bad would happen to your machines", or you can't operate your ATMs, airline, hospital, whatever without some piece of software that meets some requirements and this magically does, or supposedly protects you from liability, whatever.

Also I don't get the way this

Re:

[AmiMoJo]

No need for quotes around "need", it's often a legal obligation, or a contractual one, to have anti-virus software installed.

Insurance companies often won't pay out unless the customer has followed best practice, and increasingly business contracts include clauses about cyber security. It's mostly a box ticking exercise - have AV software installed, staff have completed an online course, automatic updates are turned on. Some of our Linux stuff has to have packages updated regularly too, which can be all so

Re:

[quonset]

why would anyone in china be dumb enough to voluntarily install a US controlled malware rootkit?

Why would anyone in the U.S. be dumb enough to voluntarily install a China controlled networking product?

Re: why?

[memory_register]

All the Chinese computers already have hardware level rootkits from the CCP. No need for a competing one!

China is actually the only government with a plan

[AndrewFenn]

Hate them all you want but China is actually the only government as far as I know where if you have a company you have to comply with their cybersecurity directives (for example MLPS 2.0) to ensure your systems are secure. You need to ensure a whole bunch of stuff about how your systems are firewalled off, that data is encrypted at rest, and so on. It's mandatory for all companies earning over a certain amount of money. Now, that doesn't mean their execution is perfect but, in terms of governance it makes o

Re:

[Anonymous Coward]

LOL, you believe they're any better than us?

Advice: don't ever visit China, the shock of having your worldview completely shattered and the realization that you have been lied to for your whole life, would probably kill you.

Re:

[backslashdot]

I've been to China. Anyway, how about answering which of their companies are on the level of the ones I mentioned?

Re:

[_merlin]

Why aren't all western governments putting through similar laws?

There's stuff like FIPS certifications. Sarbanes-Oxley requires you to isolate your production environment from your testing environment, and have an audit trail for all changes to the production environment. Some countries (e.g. Australia) are implementing standards for verifying customers' identities. The EU has data sovereignty laws. You could probably take any country and find one area where their regulations are "better".

The USA

[backslashdot]

Let's be real. We weren't majorly affected. Some people had travel inconveniences, so what? It wasn't some sort of national disaster. There was no material impact on most people. It was more funny than anything else (for the most part).

Re:

[double_u_b]

First of al: since not only tech people but also random users have been disturbed, it IS as major incident. When users lose confidence in computer and softwares, it can be years before they can fully trust it once more. Second: event if it is only a one day disturbance for customers, since logicitics, administrations, theme parks, banks, hospitals have postponed things and must recover all the computers MANUALLY, it is a complete disaster for confidence in the product. For some, the impact is nearly the SA

Re:

[Seven Spirals]

I don't disagree, but I'd be a bit more strident in some areas. Many of the affected systems look like they should have been running hardened real-time operating systems, not Windows. It looks a lot like chickens coming home to roost after some bad decisions. It might be easier to roll out Windows in some cases, but then you have their entire ecosystem-load of baggage coming with them. I'd be much more comfortable seeing logistics, banks, hospitals, and air-travel systems running QNX or VxWorks or something

Re:

[double_u_b]

Fine, still using OpenVMS, half on Alphas half on VAXen. Happy :)

Re:

[Seven Spirals]

That would also be quite welcome, yes. Even OpenVMS on Itanium would be better than Window Server in this case.

Re:

[Errol backfiring]

Hospitals were affected, and surgery had to be postponed for some patients. I have no data on it, but it may actually have cost lives.

Re:

[Fly Swatter]

It really didn't affect me at all. But it is NOT funny at all either. It proves that there really is no back up plan anymore as part of running a business.

There should be a new test for infrastructure linked business: will it survive operation when pulling the plug? Hospitals, major supermarkets, distribution facilities, banks, infrastructure should all be required to survive such a test annually.

That house of cards is growing by moving cards from the foundation to the top...

Pauline Pantsdown

[johnsnails]

Will be so happy

So Russia and China ...

[cascadingstylesheet]

... that said, they're not wrong ... about this. "Avoiding reliance on foreign systems" is in fact a help to national security.

Most of Asia, and Russia also not affected

[khchung]

Basically, any place that are not Crowdstrike's customer were fine.

Get some perspective.

[Mozai]

""It's a testament to China's strategic handling of foreign tech operations..."

Herd of cattle using software A unaffected by exploit in software B. This isn't strategy: it's luck. You should know better than to praise someone for this.

It's not luck if your design accounts for it.

[Seven Spirals]

It's not luck that keeps folks like OpenBSD more secure, it's their design and secure practices.