Date: 2024-07-19

Global IT Crisis July 19: Flawed CrowdStrike Update Causes Widespread Disruptions In Microsoft Ecosystem

ACTUAL PROBLEM

There is a widespread global outage in Windows computers today, likely due to an update issued by CrowdStrike. Millions of Windows computer users around the world are currently experiencing the Blue Screen of Death (BSOD) error, which causes their systems to suddenly shut down or restart.

EFFECT OF PROBLEM

An outage has hit computers around the world, affecting airlines, hospitals, banks, financial institutions, retailers and other businesses.

Some Microsoft clients across the globe, including some airlines, were affected by an outage on its cloud service system, Azure. Airports have been impacted. Superstores are closed. In India also, the IB Minister, Govt. of India, issued an advisory.

Unaffected IT industry: Linux-based computers and servers, Android-based computers and servers, and other non-Microsoft products remained unaffected and continued to work as usual.

CAUSE OF PROBLEM

That outage was caused by a flawed security update by CrowdStrike in Microsoft products. The issue appeared to be with an update to CrowdStrike software called Falcon Sensor. George Kurtz, CrowdStrike's chief executive, said in a statement that it was “actively working with customers impacted by a defect found in a single content update for Windows hosts.” He added: “This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.”

HIDDEN UNKNOWN CAUSE OF PROBLEM

The problem, looked at in depth, also has another side, which could be a dark side. The Dark Web has already claimed that there was a security breach within the CrowdStrike company's code. This was an intentionally flawed or infected update, which was sent to Microsoft, and Microsoft had updated all its software. In this way, it is also assumed that today's attack was the testing ground for a massive global outage of IT systems.

In today's attack, if the infection has happened through the cybersecurity company's own code, then this is a warning bell for the cybersecurity community as a whole. These attacks might have been carried out by dark web groups that are testing their capabilities to attack in the form of cyber terrorism. Future attacks may happen across all sectors, leading to the paralysis of the entire global IT system and infrastructure. These attacks could lead to global disruptions in mankind's existing dependency on information technology and its day-to-day usage. These are very serious threats because this software is taking the hardware devices down to just the Stone Age class.

SOLUTIONS PROPOSED FOR PROBLEM

For now, there is no automatic solution to the CrowdStrike problem. But the company has offered a manual solution in a note to its customers. It says:

The proposed solution cannot be done remotely or automatically. It needs to be done manually for each and every machine that has suffered downtime. This process is not at all user friendly and needs detailed technical know-how. Any small mistake in doing so will lead to further complications and failure of systems.

LONG TERM SOLUTION FOR PROBLEM

In view of today's incident, the long-term solution lies in not keeping all the eggs in the same basket. In short, as we could see, Microsoft's entire setup was paralyzed, but Linux, Apple and Android prevailed. So, fundamentally, an organization's infrastructure and its data need not be placed with only one vendor or software. Rather, every organization will need to have two or three different IT infrastructures such as Microsoft, Google, Android, Linux, Apple and many more.

Similarly, the problem lies in the spoofing of, or backdoor entry into, the cybersecurity company itself. So cybersecurity companies also need to put in place a filter that verifies their security patches and upgrades for any malfunction or hidden integration of malware. On the other end, big companies like Microsoft or equivalent will definitely need to scrutinize and assess the updates sent to users that are taken directly from third-party cybersecurity companies. Finally, if this is a kind of cyber-attack, it was very much expected, but big corporations like Microsoft and cybersecurity companies were unprepared for it due to overconfidence or ignorance.

It also underscores an uncomfortable reality that software companies face few liabilities for major outages and cybersecurity incidents. The economic and legal penalties for such massive outages are so minimal that companies are not motivated to make more fundamental changes.

What is CrowdStrike?

CrowdStrike is a cybersecurity company based in the US. The reason you haven’t heard much about it so far is that, unlike some other cybersecurity companies like Kaspersky or Symantec, CrowdStrike is usually used by large organisations, government agencies and critical places like airports and banks. In other words, we, regular users, don’t put a CrowdStrike anti-virus in our systems. But they provided a critical security update to Microsoft inc.