The day CrowdStrike broke the Internet, China was largely unaffected. Here’s why

On July 19, a routine software update from cybersecurity giant CrowdStrike unleashed digital chaos across the globe, exposing the fragility of interconnected IT networks.

Within hours, Windows-based systems worldwide crashed, displaying the dreaded “blue screen of death,” affecting 8.5 million devices globally. From New York’s Times Square, where digital billboards went dark, to London’s Heathrow Airport, where flight information boards fell blank, the cascading failures paralysed banks, media outlets and government agencies. 

Even Hong Kong’s stock exchange halted derivatives trading, and airports from Asia to Australia ground to a halt. Yet amid this global meltdown, the world’s second-largest economy remained an island of calm. In China, it was business as usual. The country’s critical infrastructure, from airlines to banks, continued operating without a hitch. Beijing Capital International Airport reported no disruptions, and the Shanghai Stock Exchange saw no trading halts. 

China’s resilience during this global digital crisis highlighted the success of its long-running campaign for technological self-sufficiency. Beijing has methodically replaced foreign tech with domestic alternatives in critical sectors for years. This Microsoft outage inadvertently demonstrated how far China has come in reducing its reliance on Western technology giants.

“The minimal impact of the Microsoft outage in China has proved that the country has made progress in achieving its goal of ‘safe and controllable’ computing systems,” noted one Chinese government employee, according to a South China Morning Post (SCMP) report. On Chinese social media, netizens joked that Microsoft had given them an unexpected day off. “Our company just switched to new computers with the HarmonyOS system, so we can’t join in your celebration,” quipped one Weibo user, referring to Huawei’s homegrown operating system.

The incident laid bare the risks of over-reliance on a handful of dominant tech providers. As industries and infrastructure worldwide have standardised on platforms like Microsoft Windows, they’ve also concentrated their vulnerabilities. A single point of failure can now cascade into a global meltdown.

What is CrowdStrike, and how did the outage happen?

The scale of the disruption was staggering. CrowdStrike, which controls about 18% of the $8.6 billion global market for “modern” endpoint detection and response software, saw its faulty update impact industries ranging from airlines and banking to healthcare and retail. Major corporations like McDonald’s, UPS, and FedEx were affected. Airlines faced hobbled communication between aircraft and ground control, with FlightAware reporting over 21,000 flight delays globally. Banking giants, including JPMorgan Chase, Nomura Holdings, and Bank of America, saw staff unable to access critical systems.

CrowdStrike’s CEO, George Kurtz, assured that the problem had been identified and a fix deployed. However, the recovery process proved time-consuming, requiring manual reboots of affected Windows machines – sometimes up to 15 times per system. This painstaking process underscored the vulnerability created by reliance on a single, dominant cybersecurity provider.

The incident also highlighted the complex relationship between CrowdStrike and Microsoft, fierce rivals in the cybersecurity space. While CrowdStrike’s faulty update took down Microsoft systems running the affected program, Microsoft’s widespread Windows operating system made the two companies unavoidably intertwined. This interdependence amplified the global impact of the outage.

China’s resilience in the CrowdStrike crisis

The incident exposed the risks of overreliance on a handful of dominant tech providers. As industries and infrastructure worldwide have standardised on platforms like Microsoft Windows, they’ve also concentrated their vulnerabilities. A single point of failure can now cascade into a global meltdown.

China recognised this danger years ago and has steadily worked to immunise its critical systems. Beijing has methodically replaced foreign technology with domestic alternatives in critical sectors for years. Chinese tech giants have developed homegrown versions of nearly every major Western software platform: Alibaba Cloud as an AWS alternative, WeChat replacing WhatsApp and Facebook, and Baidu providing search and mapping services akin to Google.

This drive for self-sufficiency comes at a cost. China’s insistence on domestic alternatives can lead to isolation from global innovation. Its heavily controlled internet stifles the free flow of information. And Chinese tech companies often struggle to gain traction in overseas markets due to security concerns.

Yet the CrowdStrike-induced meltdown demonstrates the strategic value of China’s approach. Technological autonomy provides a measure of security and stability in an era of heightened geopolitical tensions and cyber vulnerabilities. Other nations are taking note, with India launching its “Make in India” campaign and the European Union pursuing “digital sovereignty.”

China’s resilience should serve as a wake-up call for the US and its allies. Western dominance in key technologies can no longer be taken for granted. As China races ahead in areas like 5G, artificial intelligence, and quantum computing, it is cultivating economic advantage and strategic independence.

To top it off, China’s tech independence goes beyond consumer apps. The country has rapidly progressed in chip design, AI, and quantum computing. While still reliant on foreign suppliers for advanced semiconductor manufacturing, China is racing to close the gap.

Lesson(s) learned

The CrowdStrike incident also highlights the urgent need for greater resilience and diversity in critical IT systems worldwide. Over-reliance on any single vendor or technology creates systemic risk. To reduce exposure, organisations should consider multi-cloud strategies, open-source alternatives, and regular offline backups.

Policymakers must grapple with difficult questions about the balance between openness and security in our interconnected digital world. How can nations foster innovation and international collaboration while also safeguarding critical infrastructure? What role should governments play in ensuring technological resilience?

As the digital dust settles, one thing is clear: technological independence is becoming as crucial to national security as energy independence or food security. China’s ability to weather this storm relatively unscathed demonstrates the strategic foresight of its long-term tech policies.

For the rest of the world, the lessons are stark. In our hyper-connected age, a single software update can bring global commerce to its knees. Building more resilient, diverse, and independent IT ecosystems is not just a matter of economic competitiveness – it’s a national security imperative.

The great IT meltdown of 2024 will likely accelerate the fragmentation of the global tech landscape. As nations race to secure their digital sovereignty, the era of a truly worldwide web may end. The challenge now is to balance the benefits of interconnectedness with the imperative of resilience and security. China may have a head start.

See also: What enterprise IT teams can learn from Google Cloud’s June outage: A guide

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Tags: CrowdStrike, downtime, microsoft