Windows TCO: Ransom, Medical Data Leaked, and Worldwide Outages That Get Regulators' Attention
VOA News ☛ CrowdStrike: More machines fixed as customers, regulators await details on what caused meltdown
The scope of the disruptions has also caught the attention of government regulators, including antitrust enforcers, though it remains to be seen if they take action against the company.
The Register UK ☛ Ransomware takedowns leave crims scrambling for stability
A fresh report from Europol suggests that the recent disruption of ransomware-as-a-service (RaaS) groups is fragmenting the threat landscape, making it more difficult to track.
Attribution in cybersecurity is a difficult thing, but important for defenders when developing strategies to mitigate future attacks from the same group or individual. Yet the way in which cybercriminals reorganize is making this process more difficult following the mass exodus of affiliates from fallen ransomware gangs, the EU's law enforcement agency said.
The Verge ☛ CrowdStrike CEO to testify about massive outage that halted flights and hospitals
“Recognizing that Americans will undoubtedly feel the lasting, real-world consequences of this incident, they deserve to know in detail how this incident happened and the mitigation steps CrowdStrike is taking,” Homeland Security Chair Mark Green (R-TN) and Cybersecurity and Infrastructure Protection Subcommittee Chair Andrew Garbarino (R-NY) wrote in a letter later shared with The Verge. They asked that CrowdStrike schedule a hearing with the subcommittee by end of day Wednesday.
The letter signals that the cleanup for the technical failure is far from over for CrowdStrike. Even on Monday, three days after the initial meltdown, Delta was dealing with flight cancelations and Blue Screens of Death.
Michał Sapka ☛ Crowd Strike and single point of failure
And this is the reason why on Friday, planes couldn’t fly and people died as hospitals were down. It’s not because of FOSS, it’s not because of any malicious agent. The reason is standardization of our industry. It’s not only never been as boring as it is now, but it has never been less resident. If the market was healthy and there were dozens of bigger players instead of a few gigantic ones, no single outage would be as severe.
And the worst part? No one, who is actually responsible, will be to blame. No C level asshole will go to jail, or will even visit court. CrowdStrike will lose some stock value for a few weeks, then it will all be forgotten. Business as usual.
Federal News Network ☛ Though the Defense Department managed to go unscathed through the Crowdstrike outage, it remains on the alert
A worldwide IT outage on Friday struck multiple government agencies. The Social Security Administration plans to reopen field offices on Monday after a global IT outage forced SSA to close all local operations Friday. The outage is linked to a faulty software update from cybersecurity firm Crowdstrike. U.S. Citizenship and Immigration Services also warned some callers to expect long wait times due to the outage. The White House is convening agencies to better understand the impacts of the incident across government.
Bridge Michigan ☛ Michigan Medicine latest health care system to be hit by cyberattack
Patient information for nearly 57,000 people may have been shared during the latest health care-related cyberattack in Michigan.
Hackers accessed emails of three employees at Michigan Medicine, part of the University of Michigan, May 23 and May 29, and those accounts “were disabled as soon as possible so no further access could take place,” according to a statement Monday.
Los Angeles Times ☛ Devastating ransomware attack shuts down L.A. County courts.
This closure affected all 36 courthouses in the county, but the court issued a statement Monday afternoon, announcing that all 36 courthouses will reopen Tuesday. The statement included directions for some potential jurors who were summoned for jury duty but also warned that “court users should expect delays and potential impacts due to limits in functionality.”
CNN ☛ Costs from the global outage could top $1 billion – but who pays the bill is harder to understand
The world learned relatively quickly that cybersecurity firm CrowdStrike was behind a crippling global tech outage on Friday. But figuring out who will pay the bill for the damages could take a lot longer.
What one cybersecurity expert said appears to be the “largest IT [sic] outage in history” led to the cancellation of more than 5,000 commercial airline flights worldwide and disrupted businesses from retail sales to package deliveries to procedures at hospitals, costing revenue and staff time and productivity.
The Independent UK ☛ Microsoft IT [sic] outage live: Travellers still stranded as experts warn problem is likely to happen again
The outage led to over 1,500 cancelled flights in the US and dozens more across the UK for the third day in a row, leaving passengers stranded across airports.
Hospitals, GPs, pharmacies, banks, supermarkets and millions of businesses have also been impacted.
CrowdStrike said the outage was caused by a defect in an update to its “Falcon” cybersecurity defence software for Windows hosts.
[Old] Business Insider ☛ CrowdStrike CEO Has Twice Been at Center of Global Tech Failure
On April 21, 2010, the antivirus company McAfee released an update to its software used by its corporate customers. The update deleted a key Windows file, causing millions of computers around the world to crash and repeatedly reboot. Much like the CrowdStrike mistake, the McAfee problem required a manual fix.
Kurtz was McAfee's chief technology officer at the time. Months later, Intel acquired McAfee. And several months after that Kurtz left the company. He founded CrowdStrike in 2012 and has been its CEO ever since.
HT Digital Streams Ltd ☛ How does Zerodha ensure safety of users from cyber fraud in AI era? Nithin Kamath unveils the secret formula
Besides, the entire employee base including non-technical folks uses Linux desktops to reduce the attack surface. Kamath said he uses Zorin (Linux). He said that he is paranoid about external vendors and SaaS services. "We self-host all our internal systems on private networks and almost no SAAS vendors. Everything is pretty much self-hosted FOSS (Free & open source)," Kamath wrote on Twitter.
CBC ☛ Delta still struggling after Crowdstrike outage, cancelling hundreds more flights Monday
Delta has offered no timetable for resumption of normal operations and has already cancelled another 305 flights for Monday, according to the flight tracking website FlightAware.
Scheerpost ☛ Massive IT [sic] Outage Spotlights Major Vulnerabilities in the Global Information Ecosystem
The outage is emblematic of the way organizational networks, cloud computing services and the [Internet] are interdependent, and the vulnerabilities this creates. In this case, a faulty automatic update to the widely used Falcon cybersecurity software from CrowdStrike caused PCs running Microsoft’s Windows operating system to crash. Unfortunately, many servers and PCs need to be fixed manually, and many of the affected organizations have thousands of them spread around the world.
For Microsoft, the problem was made worse because the company released an update to its Azure cloud computing platform at roughly the same time as the CrowdStrike update. Microsoft, CrowdStrike and other companies like Amazon have issued technical work-arounds for customers willing to take matters into their own hands. But for the vast majority of global users, especially companies, this isn’t going to be a quick fix.
The Conversation ☛ Microsoft-CrowdStrike outage: how a single software update was able to cause IT [sic] chaos across the globe
The global IT [sic] outage on 19 July serves as a stark reminder of our vulnerability to technological failures. Triggered by a single faulty software update provided by the cybersecurity firm, CrowdStrike, this had a disastrous impact on airlines, media outlets, banks, and retailers worldwide, particularly businesses that use Microsoft Windows operating systems.
This incident, described as the “largest IT [sic] outage in history”, reminds us of the extensive web of IT interconnections that sustain our digital infrastructure – and of the potential for far-reaching consequences when something goes wrong.