Hi all! There are so many great discussions about CrowdStrike going on in this Community, but we want to bring them together in one place, so that folks can share and discuss efficiently!
@Caute_cautim wrote: A great explanation, by the way it is not a cyber security incident:
I would prefer wording like "Not a malicious security incident." It is a cybersecurity incident; checks, balances, and testing that should have been in place weren't there to guard against a catastrophic failure.
@dcontesti wrote: This affected the Availability of many systems globally. I really question where their Change Management was....no testing? What happened to the Development/Testing/QA/Production? A classic fail on their part.
Absolutely. It may not have been malicious, but it most certainly is a security incident. Otherwise, 90 percent of the CVE "isn't a security incident."
Part of this is the hazard of uniformity in systems, but this also highlights the hazard of supply-chain attacks. Think about it; you have all these Windows systems bricked by a third-party application. Isn't this what everyone is squealing about these days with "zero trust?"
So my take, while maybe not malicious, I tend to think of this in terms of a Security Breach. The basis for most things we do in Security is CIA, although of late, Integrity and Availability are not discussed as much as Confidentiality. Also when computers start blue screening for no apparent reason, Security always gets tapped to work on the issue. From past experiences, most people think that seeing the Blue Screen indicates they have been hacked.
I believe this is a colossal failure in their (CrowdStrike) Change Management processes (development/testing/QA and finally deployment).
I also question the contracts in place with CrowdStrike that allow them to automatically push a patch/fix to systems without (so it seems) proper notification. Not sure about others but we do not even let M$ push patches without our knowledge. Whilst they may be downloaded automatically, they are not deployed until they are tested in house.
Total failure; Management 101 gets an F- for CrowdStrike. To those that have contracts with CrowdStrike also an F-.
d
Thanks for sharing this information with us @Caute_cautim.
Hi All
Ah, birds and windows… avians and glass panels… locked in an eternal battle that, to be fair, the window wins 99% of the time. Not in this instance though.
Silly metaphor aside, this recent CrowdStrike vs. Windows debacle is serious, in fact I’d say that this is the incident Y2K wishes it was.
Want to know what happened? Grab yourself a cup of tea and read on.
Regards
Caute_Cautim
Cybersecurity experts have uncovered a concerning development following the recent CrowdStrike Falcon sensor issue that affected Windows systems on July 19, 2024. Threat actors are now actively exploiting this incident to target CrowdStrike customers through various malicious activities.
Well we knew it was only a matter of time...............
d
Smiles. When I first started at my company (too many years ago)......the mainframe was going away.............It's still there and working.