On July 19, a single mistake in a CrowdStrike software update halted many services, including critical ones such as the healthcare sector.
What happened?
CrowdStrike’s Falcon Sensor update caused a blue “screen of death” on Windows systems all over the world.
The company CEO claims that it was not a security incident:
Of course, such situations can happen; nothing is perfect, IT giants included. We all deal with Windows, and we know how tricky their systems can be.
You can update regularly, stick to your provider's recommendations, and still end up in a situation like this. Sometimes it is just the human factor; sometimes it is a chain of events and small software mistakes that, for one reason or another, go undetected.
Can we learn from the CrowdStrike incident?
Honestly, there is not much we can learn from this CrowdStrike case. No security or IT provider can guarantee 100% perfect, uninterrupted operation of their services. Besides, large companies run layers upon layers of software and operating systems that can conflict with each other from time to time.
However, the question is whether a company is ready to respond to an incident quickly, minimizing all possible delays and protecting data from being lost.
Some basic steps to be prepared for CrowdStrike-like cases:
- Update at the end of the working day. If something happens, there will be some time to fix it. Also, do not rush to update as soon as an update is available. We recommend searching for news or forum posts on the topic to make sure that there are no global troubles, etc.
- Make regular backups before major updates.
- Educate your team. Provide guides and recommendations according to your company policy to avoid panic and chaos.
- Follow your providers on their media channels to stay aware of possible threats or solutions to existing problems.
Moreover, we must remember that during large outages scammers become active, taking advantage of the chaos and confusion. During such a vulnerable time, be attentive to emails and the links in them, even if a message looks like it was sent by someone you know: phishing is very tricky.
In short, by following basic recommendations, a company can minimize risks even when an incident is unavoidable.