cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kaity
Community Manager

ALL THINGS CrowdStrike - July 2024 Incident

Hi all! There are so many great discussions about CrowdStrike going on in this Community, but we want to bring them together in one place, so that folks can share and discuss efficiently! 

54 Replies
ericgeater
Community Champion

Provide customers with greater control over the delivery of Rapid Response Content updates by allowing granular selection of when and where these updates are deployed.

 

This part right here just screams that there were more than 8 ½ million machines affected.

-----------
A claim is as good as its veracity.
denbesten
Community Champion


@ericgeater wrote:

granular selection of when and where these updates are deployed.


I said exactly that to my boss's boss on Friday morning, figuring he might be called into a discussion with the vendor.

 


This part right here just screams that there were more than 8 ½ million machines affected.


I'm thinking they owe  8 ½ million "apology gift cards".  

 

dcontesti
Community Champion

CrowdStrike published its “preliminary post incident review” this morning. And it hides some horrific details inside the boring verbiage.

As you’ll recall, millions of PCs and servers bluescreened last week. The cause was a corrupt CrowdStrike security update that caused the machines to access illegal memory from within the Windows kernel itself.

Today, we learned two incredible things: That this type of rapid update isn’t tested by people; and that CrowdStrike doesn’t dogfood them, nor do staged, “canary” deployment. In today’s SB  Blogwatch, we sit slack jawed in horror.

 

Interesting article:

 

https://securityboulevard.com/2024/07/crowdstrike-pir-canary-bsod-richixbw/?utm_source=richisoc&utm_...

 

 

 

Caute_cautim
Community Champion

@dcontestiAbsolutely incredibly with such an admission.

 

Whatever happened to DevSecOps and automation best practices?

 

Who did the risk assessment of this practice as being acceptable?

 

Regards

 

Caute_Cautim

dcontesti
Community Champion

Sorry but it's all about $

 

If they don't rest (follow proper change ....you know Develop/Test/QA/Deploy), they save money.

 

I just wonder how many lawsuits will actually come from this or how much they will need to compensate folk.

 

Like I said before, my airline gave me two nights hotel accommodations (400 Euros a night) plus food vouchers another 70 Euros).  Not sure how many folks that they did this for but............it could be costly.

 

The other thing I wonder about is most countries now have passenger rights laws that provide compensation to passengers whose flights are delayed.  I wonder how many folks will test the law and see if they get compensation????

 

d

 

 

 

dcontesti
Community Champion

Well I suspected it would only be a matter of time:

 

CrowdStrike Sued? — Delta Dials David Boies

 

The article suggests that Delta loss $350Million to $500 Million due to claims, etc.

 

https://securityboulevard.com/2024/07/crowdstrike-delta-boies-richixbw/?utm_source=richisoc&utm_medi...

 

Will we see others???

 

d

 

 

 

 

 

denbesten
Community Champion


@dcontesti wrote:

 

Will we see others???


Yes.  There already are.

Caute_cautim
Community Champion

Hi All

 

Of course, now the shareholders are suing Crowdstrike too....  more to come.

 

CrowdStrike is being sued by its shareholders after a faulty software update by the cybersecurity firm crashed more than eight million computers and caused chaos around the world.

 

The lawsuit accuses the company of making "false and misleading" statements about its software testing.

It also says the company's share price dropped 32% in the 12 days after the incident, causing a loss in market value of $25bn (£14.5bn).

 

CrowdStrike denies the allegations and says it will defend itself against the proposed class action lawsuit.

 

Now is the time to switch vendors, could be a long drawn out process...

 

https://www.bbc.com/news/articles/cy08ljxndr4o

 

Regards

 

Caute_Cautim

dcontesti
Community Champion

CrowdStrike CEO Called Before Congress Over Worldwide IT Outage

 

CrowdStrike CEO George Kurtz has been called to testify before Congress regarding last week’s worldwide IT outage caused by the company’s software update.

 

https://www.iotworldtoday.com/connectivity/crowdstrike-ceo-called-before-congress-over-worldwide-it-...

 

This is the same firm that refused to share information with the FBI on the DNC hack back in 2019

 

https://apnews.com/article/archive-fact-checking-7657130451

 

 

 

 

 

funkychicken
Contributor I

Crowdstrike have nearly resolved the issues and are putting measures in place to prevent this happening again. 

 

I have spoken to one of the CIO's there and they are frantically making sure this doesn't happen again and although it was not the department that this person works in, they are all working together to put measures in place for the software life cycle stack. The next time I am mountain biking again, I will ask to see how its being adopted in the company. 

 

The update is on their page at https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/