CrowdStrike to implement new checks to avoid another global IT outage


CrowdStrike has vowed to implement new checks to avoid a repeat of the global IT outage that hit millions of computers last week, as the cyber security company outlined the initial findings of its investigation into what went wrong.

Texas-based CrowdStrike said on Wednesday that the measures would include improvements to its internal testing, as the group seeks to prevent a repeat of the widespread disruption, caused by its faulty software update, that hit industries from airlines to retailers.

Microsoft has estimated that about 8.5mn Windows devices, which amounted to less than 1 per cent of all Windows machines, were hit by the faulty update, which grounded planes, interrupted hospital appointments and took broadcasters off air around the world.

CrowdStrike said it also planned to implement “a staggered deployment strategy” for updates similar to the one that triggered last week’s outage. They would be “gradually deployed” to reduce the risk of large numbers of computers and servers being affected by an error at once, it said.

In the wake of the chaos, CrowdStrike’s chief executive George Kurtz was summoned by the US subcommittee on cyber security and infrastructure protection to explain the company’s role in what lawmakers said “some have claimed to be the largest IT outage in history”.

CrowdStrike, one of the world’s largest cyber security vendors, said it was “actively in contact with relevant congressional committees”.

The company last week blamed an update to its Falcon software for a bug that triggered a “blue screen of death” error on millions of computers.

On Wednesday, in a preliminary review of the incident, CrowdStrike said the “undetected error” in the software had been missed due to a “bug” in its “content validator”, which is supposed to check for problems.

That bug meant that the faulty update “passed validation despite containing problematic content data”, CrowdStrike said.

It took about 90 minutes for millions of machines to be affected by the faulty update, which began to be rolled out on Friday, before CrowdStrike discovered the problem and took action to prevent more computers being hit.

The incident has raised questions about the risks of the interconnected nature of global IT systems and the potential for an error to have outsized consequences.

CrowdStrike warned last week that “threat actors” were attempting to take advantage of the disruption to “distribute malicious files” targeting its customers.

The company published a list of internet domains that it said “impersonate CrowdStrike’s brand” and could be used by cyber criminals to trick unsuspecting customers by serving them “malicious content”.
