Saturday, 20 July 2024

Global IT outage linked to CrowdStrike update

Source: CrowdStrike. Falcon image.
Source: CrowdStrike. A Falcon content update has affected Windows hosts.

A global IT outage has affected flights, banking, and company operations around the world, including in Singapore, India, and Australia, due to an errant update for CrowdStrike's Falcon Sensor. Reports of the Windows 'blue screen of death' (BSOD) began trickling in on Reddit at the start of the business day in Australia, and continued well into the US business day.

A statement on CrowdStrike's website said that the company is "actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This was not a cyberattack.

"The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website."

Satnam Narang, Sr Staff Research Engineer at Tenable, commented: “The outage affecting computer systems worldwide is severe. It is affecting critical systems, such as those in hospitals, airports, financial institutions and more. For instance, patients aren’t able to get medications in the hospital setting. It’s impacted me personally as I have a loved one who is currently in the hospital setting.

"While the issue is associated with Windows systems, it does not appear to be an issue with Microsoft Windows, but rather, security software installed on millions of Windows computers worldwide. Because this is a security software, it requires a higher level of privileges to the underlying operating system, so a bad or faulty security update can result in a catastrophic impact. This event is unprecedented and the ramifications of it are still developing.”

Jake Moore, Global Security Advisor at ESET, said: "These outages are increasing in volume due to the sheer increase in numbers of online users and traffic. After witnessing the blue screen of death (BSOD), many people are quick to suspect a cyberattack or find similarities to Netflix’s Leave The World Behind* but this can often add to the confusion. It highlights the importance of these services and the millions of people they serve.

"Businesses must test their infrastructure and have multiple failsafes in place, however large the company is; this is typically referred to as a cyber-resilience plan. But as is often the case, it is simply impossible to simulate the size and magnitude of the issue in a safe environment without testing the actual network.

"The inconvenience caused by the loss of access to services for thousands of people serves as a reminder of our dependence on 'Big Tech' such as Microsoft in running our daily lives and businesses. Upgrades and maintenance to systems and networks can unintentionally include small errors, which can have wide-reaching consequences as experienced today by CrowdStrike’s customers.

"Another aspect of this incident relates to 'diversity' in the use of large-scale IT infrastructure. This applies to critical systems like operating systems (OSes), cybersecurity products and other globally-deployed (scaled) applications. Where diversity is low, a single technical incident, not to mention a security issue, can lead to global-scale outages with subsequent knock-on effects."

CrowdStrike launched CrowdStrike Falcon Complete Next-Gen MDR in mid-July. Powered by the CrowdStrike Falcon cybersecurity platform, the new solution expands managed detection and response (MDR) operations beyond native endpoint, identity and cloud security telemetry.

Details

Workarounds for the CrowdStrike issue are listed at https://www.crowdstrike.com/blog/statement-on-falcon-content-update-for-windows-hosts/
