Security experts claim that CrowdStrike's usual upgrade of its popular cybersecurity software appears not to have undergone sufficient quality checks before to deployment, as seen by the global computer system crashes caused by the malware on Friday.
By upgrading the threats it fights against, the most recent version of Falcon Sensor software was designed to increase the security of CrowdStrike clients' systems against hacking. However, one of the most extensive tech failures in recent memory for businesses utilising Microsoft's Windows operating system was caused by flawed code in the update files.
There was disruption in international banking, airlines, hospitals, and government agencies. CrowdStrike provided instructions on how to repair the impacted systems, but specialists predicted that it would take some time to bring them back up because the faulty code needed to be manually removed.
"It seems like there may have been some sandboxing or vetting that happens when they examine code; perhaps this file was overlooked or missed," stated Steve Cobb, chief security officer at Security Scorecard, whose systems were also affected by the problem.
After the upgrade was released on Friday, issues became apparent very immediately. Users shared images of PCs with blue screens showing error warnings on social media. In the business, these are referred to as "blue screens of death."
The malware causing the outage was found by security researcher Patrick Wardle, who specialised in researching vulnerabilities to operating systems.
"In a file that contains either configuration information or signatures," he stated, the upgrade had an issue. These signatures are pieces of code that identify particular kinds of malware or malicious code.
Havana, the capital of Cuba, is well known for the vibrant old cars that still roll through its streets. However, in the capital, a change is beginning to be noticed.
"It's very common that security products update their signatures, like once a day... because they're continually monitoring for new malware and because they want to make sure that their customers are protected from the latest threats," he explained.
He stated that "CrowdStrike probably didn't test it as much" because of how frequently updates are released.
How the problematic code entered the upgrade and why it was undetected before the update was made available to users are unknown.
"Ideally, this would have been rolled out to a limited pool first," Huntress Labs lead security researcher John Hammond stated. "That is a safer approach to avoid a big mess like this."
There have been similar incidents in the past with other security providers. A 2010 McAfee antivirus update caused hundreds of thousands of machines to halt.
Nonetheless, CrowdStrike's supremacy is evident in the outage's global impact. The programme is used by more than half of Fortune 500 businesses and several government agencies, including the Cybersecurity and Infrastructure Security Agency, the leading cybersecurity agency in the United States.
(Source:www.investing.com)
By upgrading the threats it fights against, the most recent version of Falcon Sensor software was designed to increase the security of CrowdStrike clients' systems against hacking. However, one of the most extensive tech failures in recent memory for businesses utilising Microsoft's Windows operating system was caused by flawed code in the update files.
There was disruption in international banking, airlines, hospitals, and government agencies. CrowdStrike provided instructions on how to repair the impacted systems, but specialists predicted that it would take some time to bring them back up because the faulty code needed to be manually removed.
"It seems like there may have been some sandboxing or vetting that happens when they examine code; perhaps this file was overlooked or missed," stated Steve Cobb, chief security officer at Security Scorecard, whose systems were also affected by the problem.
After the upgrade was released on Friday, issues became apparent very immediately. Users shared images of PCs with blue screens showing error warnings on social media. In the business, these are referred to as "blue screens of death."
The malware causing the outage was found by security researcher Patrick Wardle, who specialised in researching vulnerabilities to operating systems.
"In a file that contains either configuration information or signatures," he stated, the upgrade had an issue. These signatures are pieces of code that identify particular kinds of malware or malicious code.
Havana, the capital of Cuba, is well known for the vibrant old cars that still roll through its streets. However, in the capital, a change is beginning to be noticed.
"It's very common that security products update their signatures, like once a day... because they're continually monitoring for new malware and because they want to make sure that their customers are protected from the latest threats," he explained.
He stated that "CrowdStrike probably didn't test it as much" because of how frequently updates are released.
How the problematic code entered the upgrade and why it was undetected before the update was made available to users are unknown.
"Ideally, this would have been rolled out to a limited pool first," Huntress Labs lead security researcher John Hammond stated. "That is a safer approach to avoid a big mess like this."
There have been similar incidents in the past with other security providers. A 2010 McAfee antivirus update caused hundreds of thousands of machines to halt.
Nonetheless, CrowdStrike's supremacy is evident in the outage's global impact. The programme is used by more than half of Fortune 500 businesses and several government agencies, including the Cybersecurity and Infrastructure Security Agency, the leading cybersecurity agency in the United States.
(Source:www.investing.com)
Homepage
Send to a friend
Printable version
Share
