Windows TCO: CrowdStrike, Ransomware, and More
-
Bruce Schneier ☛ The CrowdStrike Outage and Market-Driven Brittleness
This brittleness is a result of market incentives. In enterprise computing—as opposed to personal computing—a company that provides computing infrastructure to enterprise networks is incentivized to be as integral as possible, to have as deep access into their customers’ networks as possible, and to run as leanly as possible.
Redundancies are unprofitable. Being slow and careful is unprofitable. Being less embedded in and less essential and having less access to the customers’ networks and machines is unprofitable—at least in the short term, by which these companies are measured. This is true for companies like CrowdStrike. It’s also true for CrowdStrike’s customers, who also didn’t have resilience, redundancy, or backup systems in place for failures such as this because they are also an expense that affects short-term profitability.
-
Semafor Inc ☛ CrowdStrike's IT [sic] outage costs companies over $5B
US Fortune 500 companies, excluding Microsoft, are facing a $5.4 billion loss due to the world’s biggest IT [sic] outage, a cyber insurer estimated.
-
Silicon Angle ☛ Cisco Talos: Business email compromise and ransomware topped threats in second quarter
Ransomware accounted for 30% of engagements in the quarter, up 22% from the previous quarter, with new ransomware gangs Mallox and Underground Team observed for the first time. The company also dealt with ongoing Black Basta and BlackSuit ransomware attacks, which were among the most prolific in the quarter.
-
VOA News ☛ US investigates Delta flight cancellations, response to global tech outage
Atlanta-based Delta and its partners have canceled more than 6,500 flights since Friday, far more than any other airline, according to figures from FlightAware and travel-data provider Cirium.
Buttigieg said his department will investigate “how it could be that days after the other airlines are back to normal, Delta is still canceling hundreds of flights.”
-
The Register UK ☛ US opens probe into Delta Air Lines' handling of CrowdStrike
"We launched an investigation today because what we've seen is a very different pattern from Delta than the other airlines," Secretary of Transportation Pete Buttigieg told media on Tuesday.
"Look, the entire global economy was affected on Friday and that's certainly included airlines around the country and around the world. But most of those airlines recovered and got back to normal within a couple of days. Delta, on the other hand, still not back to normal as of today.
-
The Register UK ☛ How a barcode scanner helped fix CrowdStrike mess in a flash
Which was when his memory about barcode scanners came into play. The firm had the BitLocker keys for all its PCs, so Woltz and colleagues wrote a script that turned them into barcodes that were displayed on a locked-down management server's desktop. The script would be given a hostname and generate the necessary barcode and LAPS password to restore the machine.
Woltz went to an office supplies store and acquired an off-the-shelf barcode scanner for AU$55 ($36).
At the point when rebooting PCs asked for a BitLocker key, pointing the scanner at the barcode on the server's screen made the machines treat the input exactly as if the key was being typed. That's a lot easier than typing it out every time, and the server's desktop could be accessed via a laptop for convenience.
-
Threat Source ☛ IR Trends: Ransomware on the rise, while technology becomes most targeted sector
Business email compromise (BEC) and ransomware were the top threats observed by Cisco Talos Incident Response (Talos IR) in the second quarter of 2024, together accounting for 60 percent of engagements.