in July 2024 a botched update to the software defenses managed by cybersecurity firm CrowdStrike caused more than 8 million Windows systems to fail, according to the article. sectors from hospitals to manufacturers, stock markets to retail stores experienced interruptions as payment systems were disrupted, broadcasters went off the air, and flights were canceled. the outage is estimated to have caused direct losses of more than Not stated. billion to Fortune 500 companies. for US air carrier Delta Air Lines the error exposed the brittleness of its systems; the airline suffered weeks of disruptions, leading to Not stated. million in losses and 7,000 canceled flights. then-US secretary of transportation Pete Buttigieg announced an investigation and questioned whether airlines and other firms can absorb and recover from such incidents.
the article places the CrowdStrike incident in a broader context of mounting unplanned downtime and large-scale cyber incidents. unplanned outages are estimated to cost Global 2000 companies on average Not stated. million per year and can erode customer trust, reduce productivity, and create legal or privacy exposures. a 2024 ransomware attack on Change Healthcare, the medical-billing subsidiary of UnitedHealth Group, exposed data for around 190 million people and caused weeks of outages. another 2024 attack on CDK Global disrupted nearly 15,000 auto dealerships and produced roughly Not stated. billion in losses for car dealers over a three-week period. as organizations become more interconnected and adopt technologies such as Artificial Intelligence, the attack surface expands and threat actors exploit new opportunities. the article warns that cyberattacks are becoming more sophisticated and damaging as Artificial Intelligence-driven malware and malware-as-a-service platforms accelerate attacks.
to confront these trends the article urges firms to adopt a more proactive posture toward security and resilience. Chris Millington, global cyber resilience technical expert at Hitachi Vantara, is quoted saying the traditional detect-after-the-event approach must give way to preventative measures and intelligence-driven efforts to harden systems and business operations. the piece emphasizes risk management, containment planning, and building operational resilience across interconnected systems. the content was produced by Insights, the custom content arm of MIT Technology Review, and was not written by the editorial staff; it notes that any Artificial Intelligence tools used were limited to secondary production processes and subject to human review.
