A Security Attack on CrowdStrike, a Facebook Influence for Cyber-attacks, and the India Airlines Airlines Effort in Doing Business by Hand

It was in the position to wreak havoc because it had such a high popularity, with systems using CrowdStrike and Windows falling offline this morning. CrowdStrike CEO George Kurtz said on Friday that the company is “actively working with customers impacted by a defect found in a single content update for Windows hosts” while emphasizing that the issue isn’t linked to a cyberattack. It does not affect Linux machines or Mac machines.

CrowdStrike plays an important role in helping companies find and prevent security breaches, billing itself as having the “fastest mean time” to detect threats. In the past six years, the Texas-based company has investigated major cyberattacks, including the Russian cyberattacks on the DNC in 2015 and 2016 and the Sony Pictures hack in 2014). CrowdStrike had a valuation of $82 billion as of Thursday evening.

The update in question appears to have installed faulty software onto the core Windows operating system, causing systems to get stuck in a boot loop. Systems are showing an error message that says, “It looks like Windows didn’t load correctly,” while giving users the option to try troubleshooting methods or restart the PC. Many companies, including this airline in India, have resorted to the good old-fashioned way of doing things by hand.

When the IT Infrastructure of an Organization becomes Unrecoverable, It’s a Challenge to Deal With Its Own Personal Cybersecurity,” says Olejnik

According to Lukasz Olejnik, the author of the book Philosophy of Cybersecurity, our software is very interdependent. “But in general, there are plenty of single points of failure, especially when software monoculture exists at an organization.”

Although CrowdStrike has deployed a fix, getting things up and running won’t be a simple task. It could take days to weeks to resolve the problem because IT administrators might have to have physical access to the device to get it working again. IT team size and resources determine how fast that can happen. “Some systems in certain specific circumstances may be unrecoverable, but I assume that the majority will be recovered,” Olejnik adds.

“We know that adversaries and bad actors will try to exploit events like this,” CrowdStrike founder and CEO George Kurtz wrote in a statement. It is important that everyone remains vigilant and engages with official CrowdStrike representatives. Our blog and technical support will continue to be the official channels for the latest updates.”

Attackers inevitably take advantage of prominent global events as well as topical issues in specific geographic areas to try to trick people into sending them money, steal target account credentials, or compromise victims with malware.

“Threat actors attempt to take advantage of any major event,” says Brett Callow, managing director of cybersecurity and data privacy communications. Customers and business partners should be prepared for any incident that an organization experiences.

The incident is ripe for exploitation because some IT professionals are desperate for solutions and most individuals are not personally responsible for addressing it. It’s not uncommon for the fix for impacted computers to be done individually, which could take a long time. And for small-business owners who don’t have access to extensive IT expertise, the challenge may be particularly daunting.

CrowdStrike emphasizes that customers should confirm that they are communicating with legitimate company staff members and only trust the company’s official corporate communications.

“Speedy alerts to employees outlining potential risks will help,” Callow says of how CloudStrike customers should work to defend themselves. “Forewarned is forearmed.”