Human-induced global warming is disrupting the Atlantic Meridional Overturning Circulation (AMOC), a critical ocean current system that includes the Gulf Stream, responsible for warming Europe. A total shutdown of the AMOC could trigger a massive release of carbon from deep Antarctic waters into the atmosphere, exacerbating global warming.
Research indicates that an AMOC collapse can lead to severe climatic consequences, including colder winters in Europe and disrupted monsoons in Africa and Asia, while also increasing global temperatures. Recent computer models predict that this scenario could release 640 billion tonnes of carbon dioxide near the South Pole, raising global temperatures by an additional 0.2°C.
“The collapse of the AMOC may trigger large-scale mixing in the Southern Ocean, releasing carbon stored in deep waters,” states Danian, a researcher at the Potsdam Institute for Climate Impact Research. “This outcome is unprecedented.”
The co-authors emphasize that potential catastrophic events can have even more severe implications than previously understood. As Johan Rockström, also from the Potsdam Institute, notes, “We must remain vigilant, as one failure can trigger a domino effect.”
The AMOC operates by transporting warm, salty water from the Gulf of Mexico to the North Atlantic, where it cools, sinks, and circulates back southward along the ocean floor. Scientists believe that increased fresh meltwater from the Greenland ice sheet is diluting the AMOC, thereby slowing its sinking process.
Recent buoy measurements reveal a weakening return flow, suggesting a 15% decline in the AMOC, with models predicting a potential collapse within decades to centuries.
A new study exploring AMOC collapse under varying climate scenarios shows that if atmospheric CO2 levels exceed 350 ppm, the AMOC fails to recover after shutdown. Given the current CO2 level of 430 ppm, this indicates that AMOC decay may be irreversible.
The study also identified that if the AMOC, a key component of the global ocean current conveyor belt connecting the Southern Ocean and Pacific Ocean, collapses, it could lead to deep water convection near the South Pole. This deep water rests under a layer of fresher surface water, where carbon accumulates from both atmospheric CO2 and decaying plankton. The model suggests a significant portion of this carbon would be released into the atmosphere.
Previous research indicates that past AMOC collapses similarly triggered convection near the South Pole, aligning with evidence that the Southern Ocean is becoming less salty. This reduction in salinity disrupts the layered structure above the saltier deep water, facilitating surface access for deep water.
“It’s striking to observe these changes in such a warm climate amid rising CO2 levels,” says Jonathan Baker from the Met Office. “This study is intriguing, yet its findings depend on whether convection in the Southern Ocean intensifies; different models exhibit varied responses, leading to ongoing uncertainties.”
The study also forecasts that AMOC collapse could cool the Arctic by 7 degrees Celsius, freezing regions in Canada, Scandinavia, and Russia while concurrently warming Antarctica by 6 degrees Celsius. The West Antarctic Ice Sheet remains at risk of surpassing its tipping point, which could trigger a larger collapse of the East Antarctic Ice Sheet, resulting in significant sea level rises.
The repercussions of CO2 emissions could persist for over a millennium following any AMOC closure. However, Rockström cautions that continued greenhouse gas emissions may lock in a future collapse of the AMOC in just a few decades.
“The window for change could be as short as the next 25 to 50 years,” he warns. “It’s vital to recognize the urgency; it’s not just about the timing of impacts, but about our commitment to preventing an increasingly inhospitable planet for future generations.”
“Where did CrowdStrike go wrong?” is, if anything, a slightly overly generalized question.
You can also think about it the other way around: if you push an update to every computer on your network at the same time, by the time you find a problem, it’s too late to contain the impact. Alternatively, with a phased rollout, the update is pushed to users in small groups, usually accelerating over time. If you start updating 50 systems at once and then they all immediately lose connection, you hope you notice the problem before you update the next 50 million systems.
If you don’t do a staged rollout, you need to test the update before pushing it to users. The extent of pre-release testing is usually up for debate; there are countless configurations of hardware, software, and user requirements, and your testing regime must narrow down what’s important, and hope that nothing is overlooked. Thankfully, if 100% of computers with the update installed experience crashes and become inoperable until you manually apply a tedious fix, it’s easy to conclude that you didn’t test enough.
If you’re not doing a staged rollout and testing the update before it ships, you need to make sure that: Not broken.
Broken
Many flights at Orlando, Florida’s airport were canceled or delayed amid the CrowdStrike crisis. Photo: Miguel J. Rodriguez Carrillo/Getty Images
In CrowdStrike’s defense, I can understand why this happened. The company offers a service called “endpoint protection,” which if you’ve been in the Windows ecosystem for a few years, might be easiest to think of as antivirus. It’s built for the enterprise market, not the consumer market, and not just protects against common malware, but also tries to prevent individual computers used by companies from gaining a foothold on the corporate network.
This applies not only to PCs used by large corporations that need to provide every employee with a keyboard and mouse, but also to any other business with large amounts of cheap, flexible machines. If you left your house on Friday, you know what that means: advertising displays, point-of-sale terminals, and self-service kiosks were all affected.
The comparison is relevant because CrowdStrike is in a space where speed is crucial. The worst-case scenario, at least until last week, is a ransom worm like WannaCry or NotPetya, malware that not only does significant damage to infected machines but also spreads automatically in and out of corporate networks. So its first line of defense operates quickly: Rather than waiting for a weekly or monthly release schedule for software updates, the company pushes out files daily to address the latest threats to the systems it protects.
Though limited, even a phased rollout could cause real damage. WannaCry destroyed many NHS computers during the few hours it spread unchecked, before being accidentally halted by British security researcher Marcus Hutchins while trying to figure out how it worked. In this scenario, a phased rollout could result in loss of life. Delays in testing could be even more costly.
That means updates shouldn’t cause this kind of problem: rather than new code that runs on each machine, updates are more like dictionary updates that tell already-installed CrowdStrike software what new threats to look out for and how to recognize them.
At the loosest level, you can think of it as something like this article: You’re probably reading it through some application, like a web browser, an email client, or the Guardian app. (If you’ve arranged for someone to print this and deliver it to you with your morning coffee, congratulations!) We haven’t done a staged rollout or full testing of the article, because nothing would happen there.
Unfortunately, the update pushed out on Friday actually did something. High-level technical details remain unclear, and until CrowdStrike reveals the full details, we’ll just take their word for it. The update, which was meant to teach the system how to detect a specific type of cyberattack that had already been seen in the wild, actually “introduced a logic error, causing the operating system to crash.”
I’ve been covering this sort of thing for over a decade now, and my guess is that this “logic error” boils down to one of two things: Either an almost incomprehensible failure condition occurs in one of the most complex systems mankind has ever built, causing a catastrophic event through an almost unthinkable combination of bad luck, or someone does something incredibly stupid.
Sometimes there are no classes
Consumer self-service kiosks operated by Britain’s South Western Railway were also affected. Photo: Anadolu/Getty Images
There have been a lot of comments over the past few days.
This is an inevitable evil that results from the concentration of power in the technology sector in just a few companies.
This is an inevitable consequence of the EU prohibiting Microsoft from restricting antivirus companies’ ability to tamper with basic levels of Windows.
This is the inevitable harm of cybersecurity regulation that focuses more on checking boxes than on actual security.
This wasn’t a security issue because no one was hacked – it was just a bug.
None of it worked. CrowdStrike, despite the disruption it caused, doesn’t wield much power. It’s one of the big players in the space, but it’s installed on only about 1% of PCs. Microsoft says: They claim that the failure happened only because of regulations.Meanwhile, in the alternative where third-party security companies can’t operate on Windows, with Microsoft setting itself up as the only line of defense, it looks like we’ll be in a world where the first big failure actually affects 100% of PCs.
Cybersecurity regulations have actually benefited companies that have adopted CrowdStrike, making complicated certification processes into a simple checkbox check, and maybe that’s a good thing: “Buy a product to be safe” is the only reasonable request for the vast majority of companies, and CrowdStrike has delivered, except for that one unfortunate time.
But unfortunate or not, it was definitely a security issue. The golden triangle of information security has three goals: confidentiality (are the secrets kept secret?), integrity (is the data correct?), and availability (can the system be used?). CrowdStrike could not maintain availability, which meant they could not protect their customers’ information security.
In the end, the only lesson I can take comfort in is that this is going to happen more. We’ve managed so well with so many of our society’s failures that the ones that hit us from now on will be more unexpected, more severe, and less prepared for. Just as a driver can become so confident in their cruise control that they lose control right before an accident, we’ve managed to make catastrophic IT failures so rare that recovering from them is a marathon effort.
Yay?
The Wider TechScape
Social media automatically distributes problematic content to young men with little oversight. Illustration: Nash Weerasekera/The Guardian
“A complete river of rubbish”: Josh Taylor of The Guardian Australia Facebook and Instagram Algorithms The blank account fueled sexism and misogyny.
Is the world’s largest search engine broken? Tom Faber asks Google It is losing momentum.
Is this the end? The Story of Craig Wright? Post The Court’s Full Decision Post on your Twitter feed that you feel like the last decade of your career is final.
Parents have even more reason to worry, as AI technology overwhelms capture efforts. Child Abuser.
and Roblox Back in the spotlight Child sexual abuse failureCritics say the company’s privacy stance makes things worse.
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
