Chinese cybersecurity companies are exploiting a major Microsoft Windows outage that disrupted businesses and grounded flights around the world on Thursday and Friday to promote their own software as the Chinese government seeks to reduce reliance on foreign suppliers.
Austin, Texas-based cybersecurity firm CrowdStrike pushed a faulty software update that crashed the Windows operating system, causing one of the largest outages in history, affecting airports, banks, hospitals and many other businesses.
360 Security Technology, China’s largest cybersecurity company, used the opportunity to promote its own products, claiming they are “more reliable, stable, comprehensive and intelligent.”
Have questions about the biggest topics and trends from around the world? Find the answers on SCMP Knowledge, our new platform that provides curated content with explainers, FAQs, analyses and infographics from our award-winning team.
“When selecting endpoint security software, it is important to thoroughly evaluate its defensive capabilities to avoid potential security risks and ensure business continuity and data security are not compromised,” the company said in a social media post on Friday.
Visitors tour the booth of Chinese internet security company Qihoo 360 at the Global 5G Convention in Beijing on November 21, 2019. Photo: Xinhua News Agency alt=Visitors tour the booth of Chinese internet security company Qihoo 360 at the Global 5G Convention in Beijing on November 21, 2019. Photo: Xinhua News Agency>
“Software vendors whose sole role is in system stability must enforce stricter quality control over their software,” QAX, another well-known company in the space, wrote in a blog post on Friday.
Tencent Holdings, which runs the Tencent PC Manager platform, said on Friday it had received reports from some users that they had experienced a Windows error screen known as a blue screen. The company recommended users use CrowdStrike’s official workaround to resolve the issue.
The incident adds to a growing list of reasons why Beijing is trying to distance itself from foreign technology as it seeks technological independence amid growing export restrictions and sanctions from Washington. Critical infrastructure in China was largely unaffected, with only foreign companies and luxury hotels suffering damage.
Microsoft said its systems had been restored on Friday, but many businesses are still dealing with the impact.
Hong Kong International Airport, whose passenger check-in system was down, announced on Saturday that operations had returned to normal.
The story continues
China’s cybersecurity market is dominated by local companies. Beijing has been phasing out software from companies such as Russia’s Kaspersky Lab and the U.S. company Symantec. CrowdStrike does not sell any products or services in China, according to its website.
CrowdStrike shares fell 11.1% to $304.96 on the Nasdaq on Friday, while Microsoft was down 0.74%. Rivals SentinelOne and Palo Alto Networks rose 7.85% and 2.16%, respectively.
China has pursued varying degrees of technological self-reliance for decades, but the government has become increasingly distrustful of foreign commercial software since leaks in 2013 by U.S. intelligence contractor Edward Snowden revealed methods the National Security Agency used to obtain information from some of the world’s largest tech companies.
A decade ago, the government launched a concerted effort to switch completely to domestically produced security software, according to a 2014 report by the state-run China News Agency.
All departments within the Ministry of Industry and Information Technology have adopted 360 software, and state-owned enterprises plan to follow suit and adopt domestically developed alternatives, according to the report.
CrowdStrike has made monitoring Chinese cyberattacks a key part of its business as Western countries warn of an increase in attacks by actors linked to China.
The company reported seven Chinese cyberattacks against U.S. technology and pharmaceutical companies in 2015. Chinese Foreign Ministry spokeswoman Hua Chunying said at the time that “the Chinese government does not in any way engage in, encourage or assist companies in the theft of trade secrets.”
In its latest annual report, CrowdStrike said that in 2023, “China-linked attackers will increasingly target third-party relationships.”
This article originally appeared in the South China Morning Post (SCMP), the most authoritative news source on China and Asia for more than a century. For more SCMP articles, visit the SCMP app or follow SCMP on Facebook. twitter P a g e Copyright © 2024 South China Morning Post Publishers Ltd. All rights reserved.
Copyright (c) 2024. South China Morning Post Publishers Ltd. All rights reserved.
