Briefly:
Security experts say a routine update by CrowdStrike to its widely used cybersecurity software apparently did not undergo adequate quality checks before it was released.
Microsoft estimates that about 8.5 million computers worldwide were affected by Friday’s massive IT outage.
What's next?
Microsoft says “hundreds of Microsoft engineers and experts” are working directly with customers to resolve issues.
A software update by global cybersecurity firm CrowdStrike, one of the largest operators in the industry, caused system problems that grounded flights, forced broadcasters to go off air and left customers without access to services such as healthcare or banking.
In a statement, Microsoft estimated that the bug affected 1% of Windows computers worldwide.
This is the first time a number has been put on the incident, which continues to cause problems worldwide.
CrowdStrike caused chaos when it sent a corrupted software update to its customers, crashing computer systems.
Businesses and consumers are now being warned that criminals may try to take advantage of the confusion by making bogus offers of so-called “reforms”.
The number provided by Microsoft means that this is probably the largest cyber event ever, surpassing all previous hacks and outages.
The National Coordination Mechanism – made up of government agencies and representatives from affected sectors – is meeting to discuss the next steps in Australia’s “recovery phase” of the outage.
Assistant Energy Secretary Jenny McAllister said work was underway between the government and sectors affected by the outage to ensure they could return to work.
“We are still in the recovery phase… There is still more work to be done to ensure that the remaining issues caused by this outage can be addressed,” she told Sky News on Sunday.
“There will be an opportunity in due course to reflect on what has happened over the past few days, and whether that reveals vulnerabilities that we can address.”
Most businesses affected by the outage were back up and running by Saturday.
Call to enhance “national resilience”
David Cullen, Australia’s top cybersecurity official, said the federal government should consider reviewing cybersecurity and software systems in the wake of the outages.
He said lessons must be learned to ensure similar loopholes are prevented.
“Once our systems and services are back to normal across the country, governments and private industry should really take the opportunity to learn as much as possible from this event to understand how to improve national resilience and how we can reduce the risk of further disruptions like the one we have just seen,” he said.
However, Ciaran Martin, a professor of business at Oxford University and former chief executive of the UK’s National Cyber Security Centre, said many governments would be unable to take steps to prevent such disruptions “because we have become so reliant on a very American version of the technology”.
“We have to be at our best all the time.”
Angus Taylor, Australia’s shadow treasurer, said the CrowdStrike failure was a warning to businesses and governments to prepare for layoffs, noting that the consequences could have been more serious if Australia’s enemies had launched an attack of the same scale.
“What it certainly shows us is that our challenges in this area, and our adversaries and the challenges more broadly, are tough and we have to be at our best constantly,” Taylor said.
“Governments and companies have to get smarter and better at dealing with these situations, and that might mean having redundancies, it might mean ensuring that there are alternatives, and it might certainly mean not having one organization or one company with too large a market share.”
Home Affairs Minister Clare O’Neil said yesterday that the outage was a mistake, but that bad actors were seeking to take advantage of the failure.
CrowdStrike CEO Warns of ‘Bad Actors’
Government cybersecurity agencies around the world and CrowdStrike CEO George Kurtz are warning businesses and individuals about new phishing schemes involving malicious actors posing as CrowdStrike employees or other technical professionals offering assistance to those recovering from an outage.
“We know that adversaries and bad actors will try to exploit events like this,” Kurtz said in a statement.
“I urge everyone to remain vigilant and make sure to communicate with official CrowdStrike representatives.”
The UK’s Cyber Security Centre said it had noticed an increase in phishing attempts around the event.
Microsoft deploys ‘engineers and experts’ to help customers
“Hundreds of Microsoft engineers and experts” are working directly with customers to resolve the issues, said David Weston, Microsoft’s chief cybersecurity officer.
In a blog post, he also said such a major disruption is rare but “demonstrates the interconnected nature of our vast ecosystem.”
“As we have seen over the past two days, we learn, recover and move forward more effectively when we collaborate and work together,” he said.
Microsoft said CrowdStrike helped develop a solution that would help Microsoft’s Azure infrastructure accelerate remediation, adding that it is working with Amazon Web Services and Google Cloud Platform to share information about the impacts Microsoft has seen across the industry.
The air travel industry began to recover Saturday from a disruption that caused thousands of flights to be cancelled, leaving passengers stranded or suffering hours of delays as airports and airlines were hit by an IT outage.
A routine update to widely used cybersecurity software produced by CrowdStrike Inc. appears not to have undergone adequate quality checks before it was released, security experts say.
The latest version of its Falcon sensor software was intended to make CrowdStrike customers’ systems more secure against hacking by updating the threats it defends against.
“It seems like the scan or protection they do when they look at the code, maybe that file wasn’t included in that or it slipped through somehow,” said Steve Cobb, chief security officer at Security Scorecard, some of whose systems were also affected by the issue.
CrowdStrike has released information to fix affected systems, but experts say it will take some time to get them back up and running again as it requires manually removing the faulty code.
ABC/Wires