The New York City subway and other systems were spared from the global CrowdStrike incident thanks to their 'outdated systems'



On July 19, 2024, Japan time, a problem with a security tool provided by CrowdStrike caused 8.5 million Windows terminals around the world to crash. This incident, known as the CrowdStrike incident, caused many airports and courts in the United States to malfunction, but it was reported that the Metropolitan Transportation Authority (MTA), which operates the New York subway and bus routes, was spared from damage thanks to the use of 'outdated systems.'

The MTA's Oldest Controls Kept Going During the Tech Outage
https://www.curbed.com/article/mta-tech-outage-countdown-clocks-oldest-kept-going.html



On July 19th, a problematic update file was distributed to the Windows version of the CrowdStrike Falcon sensor, a security tool provided by CrowdStrike. The file triggered a logic error, and Windows devices around the world with CrowdStrike products installed crashed repeatedly with blue screens.

For more details on the issues caused by CrowdStrike, see the following article:

What was wrong with CrowdStrike's code that caused many Windows to have blue screens?



CrowdStrike's failure affected 8.5 million Windows terminals, and in the United States, delays and cancellations occurred at LaGuardia Airport and John F. Kennedy International Airport, and users at major banks such as JP Morgan Chase and Bank of America were unable to log in or transfer money online. In addition, EV maker Tesla's production line was temporarily halted and court recording systems malfunctioned, causing chaos in various fields.

However, MTA subways and buses operated as usual despite the series of disruptions, and about 5 million New Yorkers were able to commute to work and elsewhere. It has been pointed out that this was not because the MTA's security measures were perfect, but because it was operating an 'outdated system.'

The only part of the MTA's infrastructure affected by the CrowdStrike problem was a data feed showing the real-time locations of buses and trains, while train number tracking continued to function. Housing policy expert Alex Armlovich joked that the MTA's IT systems are so fragmented and incompatible that only half of the systems crash at any one time.



Regarding Armlovich's joke, foreign media outlet Curbed points out that it is a sharp insight into the truth about the MTA's IT system.

The MTA's train display system, which did not crash in this incident, was built over 11 years, beginning in the late 1990s, at a cost of $230 million (approximately 27.5 billion yen as of 1997). It is a sophisticated system linked to the switches that control train movements, allowing the railroad control center to see where each train is and redirect it if necessary.

Meanwhile, the text-based train display system that crashed in this incident was created under former New York Governor Andrew Cuomo. This system is not linked to the switches that control train movements; instead, it relies on Bluetooth beacons attached to the trains themselves, which update the display on the platform when a train approaches a station.

In other words, the two train display systems operated by the MTA are independent of each other. In normal times, this might be considered an 'outdated IT system being left untouched,' but in this emergency, one of the systems continued to operate and help the public transportation system operate.



Curbed also points out that the most positive thing the MTA has gained from the CrowdStrike uproar is the stable performance of CBTC (Communications-Based Train Control), a system that enables more precise train control using wireless technology. Although introducing CBTC is costly and labor-intensive, subway lines where it has already been introduced have an on-time operation rate of over 90%, and trains can arrive every two minutes even during rush hour. Curbed said that the MTA plans to add CBTC to all lines in the future.

Posted by log1h_ik