The few hours yesterday when the global IT outage disrupted operations at airports, financial institutions, hospitals, and other critical businesses and industries offered just a glimpse into the risks of our increasingly online world.
Friday’s incident has already been deemed the largest IT outage in history, caused not by a security incident or cyberattack but by faulty software. And, as the world continues to shift towards digital, interconnected technologies, this is not likely to be an isolated incident.
At the centre of the outage are Microsoft’s Windows operating system and CrowdStrike, a cybersecurity technology firm that provides cloud workload protection, threat intelligence, and cyberattack response services.
While the issue was quickly detected and fixes deployed within hours, there will be inevitable repercussions, including financial losses, as systems across the globe will take some time to fully recover from this unprecedented IT failure. T&T was spared the full effects of the global outage, although some banking and other online issues were reported.
The Piarco and ANR Robinson international airports remained functional, with only one flight, United Airlines 1459 to Houston, cancelled due to the outage. However, the incident brings into full focus this country’s vulnerabilities and recent incidents with outages that affected major telecommunications, retail and government entities.
There are significant challenges for this country, as well as most of Latin America and the Caribbean, because our rapid adoption of digital technologies was not accompanied by the necessary protections from disruptions and attacks. COVID-19 accelerated this region’s advancements into government e-services, remote work, digital currency, and e-learning, and, not surprisingly, cyberattacks became more frequent and complex.
In just over a year, there have been breaches at the Office of the Attorney General and Ministry of Legal Affairs (AGLA), Telecommunications Services of T&T (TSTT), Massy Stores, Unicomer Limited (Courts) and other major enterprises. These were well-coordinated and sophisticated cyberattacks, raising well-founded concerns about potential risks to national security and public safety. In most cases, the breaches were traced to ransomware groups from outside of the region, and the experiences underscored the importance of strong cybersecurity measures for industries and businesses. The risk remains for several critical elements of the national infrastructure, including the electricity grid, water treatment plants, telecommunications, and the healthcare system, where disruptions or manipulations can cause severe social and economic fallout.
Yesterday’s global outage was a reminder of the prevailing threat landscape, where attacks can result in disruption and damage on a scale comparable to a major natural disaster. T&T should have been further along the path to cyber resilience, but the truth is that in too many instances, cybersecurity is reactive, with actions taken only after incidents have occurred.
Unless a different approach is adopted, there will come a time when that will be too late. What is needed in this era of rapidly evolving interconnectivity is a substantial and coordinated effort in the public and private sectors to confront the cyber risks posed by emerging technologies.
This will require investments in significant resources to detect and repel cyberattacks, increased risk management efforts, and overall cyber-resilience improvements.
Government needs to undertake an urgent review of cybersecurity strategies. Priority should be placed on developing, implementing, and regularly updating policies and strategies, particularly as they pertain to the operations of state agencies, telecommunications, manufacturing and finance. T&T could be hit hard if we don’t prepare for a major software glitch or full-scale cyberattack.