Completely dodges the question of why this release wasn't tested properly or rolled out in stages instead of globally, and Cramer being such a spineless lackey doesn't press any further. What an annoying interview to watch
So the CEO of CrowdStrike is the same guy that was the CTO of McAfee in 2010 when McAfee updated its virus databases and deleted Windows XP system files...
Completely dodges the question of why this release wasn't tested properly or rolled out in stages instead of globally, and Cramer being such a spineless lackey doesn't press any further. What an annoying interview to watch
What a buffoon. "We fixed it" in this situation where computers went hard down is like saying you fixed the fence after the wolf ate all the sheep they did #### all. The interviews he did yesterday were pure damage control to calm down investors. His tweets got quite a reaction.
On the ground a little bit of a picture of how it was.
An in depth look at how and why Crowdstrike's content update caused such a disaster.
Supposedly Crowdstrike is claiming the null pointer allegations to be false, but won't elaborate.
It’s sort of crazy to me that something that is so big can also just not affect others too. For example nothing has been affected in my life since this happened. Work or businesses I have visited or anything. Then my brothers just been having a nightmare.
The Following 2 Users Say Thank You to Weitz For This Useful Post:
It’s sort of crazy to me that something that is so big can also just not affect others too. For example nothing has been affected in my life since this happened. Work or businesses I have visited or anything. Then my brothers just been having a nightmare.
I say this a lot, but I guess I have to keep saying it until it sinks in.
The number of times our Financial system and basic social operations have been brought to their knees by what effectively amounts to a 'stiff breeze' is rather disconcerting.
I know COVID has proven that we as a society are inherently incapable of learning....but we gotta do better this boys...come on.
__________________ The Beatings Shall Continue Until Morale Improves!
This Post Has Been Distilled for the Eradication of Seemingly Incurable Sadness.
The World Ends when you're dead. Until then, you've got more punishment in store. - Flames Fans
If you thought this season would have a happy ending, you haven't been paying attention.
This could have been much worse than it was. This could have been another Solarwinds incident where the vendor was leveraged as a distribution point for a zero day attack that either cryptoed/encrypted or damaged systems. Fortunately it was just a bad update with an easy fix. Time consuming, yes, but really no significant damage to systems and infrastructure.
Delta still struggling after Crowdstrike outage, cancelling hundreds more flights Monday
A handful of departures from Canadian airports were among over 300 cancellations already Monday
It's still really bad. The fundamental problem is you have to trust these companies you give this kind of access to in your network, but they then have the power to bring your company to its knees. This won't be the last time something like this happens.
We are still dealing with issues from this, all across our company some stations that came back online Friday morning dropped shortly after and we have not been able to get a fix for them yet. Our point of sale folks working on it again this morning.
This could have been much worse than it was. This could have been another Solarwinds incident where the vendor was leveraged as a distribution point for a zero day attack that either cryptoed/encrypted or damaged systems. Fortunately it was just a bad update with an easy fix. Time consuming, yes, but really no significant damage to systems and infrastructure.
Solarwinds was estimated to be 90 to 100$ million in overall financial damage when accounting for reputation, litigation and all fallout, and mainly targeted and limited to government agencies. There was no ransomware or any such attack relating to the Solarwinds hack seen and impact was largely limited to exposed data via the vulnerability. It's not even known if any data was actually stolen, just that the malware existed and it is likely.
This one is already estimated to be over 1 billion dollars and counting upwards. We are operational but is still impacted as other vendors we use are not 100% with all hands on deck to get every back and it may take weeks.
Ironically, the Solarwinds incident was a huge bone thrown to Crowdstrike as companies attempted to harden their environment and aggravated the current situation. It also shows just how vulnerable the world is should a malicious attack or vulnerable file get delivered via Crowdstrike Falcon for example, further raising the threat of supply chain attacks. If CrowdStrike's change management is so poor that it allowed such a broken file to make it to production at the kernel level, there is no reason to trust they have done due diligence on ensuring no malware is present and preventing a Solarwinds style attack. The trust is gone.
CrowdStrike Annual Revenue (Millions of US $)
2023 $2,241
2022 $1,452
2021 $874
2020 $481
Speaking of Solarwinds, the court just threw out most of the SEC case against Solarwinds, limiting the scope to financial.
We are still dealing with issues from this, all across our company some stations that came back online Friday morning dropped shortly after and we have not been able to get a fix for them yet. Our point of sale folks working on it again this morning.
Alright, our folks down in Houston got it all fixed up!
The Following User Says Thank You to Bigtime For This Useful Post:
Good stuff in your post. Really hammers home why cyber insurance is so tough and costly to come by. When the Solarwinds incident happened I told my executive that it felt more like a test run for a larger attack downstream, that it really could have been worse. A platform like Crowdstrike provides a much larger leveragable surface than Solarwinds did and would have been the perfect target for a supply chain attack. As damaging and as costly as it was, this could have been way more impactful if a nation state had leveraged the system to distribute a malicious package.
The Following User Says Thank You to Lanny_McDonald For This Useful Post:
Friday's CrowdStrike update nightmare took down 8.5 million Windows-based machines globally, prompting some to question why Microsoft allows third-party kernel drivers while Apple does not. According to a Microsoft exec, you can thank the EU.
As Microsoft's Chief Communications Officer, Frank X. Shaw, noted on X, a 2009 agreement between the European Commission and Microsoft required Redmond to give security software the same level of access to Windows as Microsoft itself.
