Asia Insurance Post
  • Home
  • Articles
  • Blog
  • Data
  • Facts
  • Editorial
  • Interviews
Select Page

CrowdStrike blames defect in content update for massive IT crash

by AIP Online Bureau | Jul 24, 2024 | Eco/Invest/Demography, International News, Risk Management, Technology, Workplace/Employee Benefits | 0 comments

The incident crashed Microsoft Windows computer systems around the world on Friday, taking down airline, banking and stock exchange operations from Australia and Japan to the UK

CrowdStrike Holdings Inc., the cybersecurity company at the center of massive global IT outages, said that a bug in a safety mechanism allowed flawed data to go out to customers in a botched update, causing last week’s meltdown.

The US company is trying to piece together the series of events that led to one of the most spectacular rolling IT failures the world has ever seen.

The incident crashed Microsoft Windows computer systems around the world on Friday, taking down airline, banking and stock exchange operations from Australia and Japan to the UK.

Microsoft and CrowdStrike rolled out fixes last week, and many systems have been restored. But for several hours, bankers in Hong Kong, doctors in the UK and emergency responders in New Hampshire found themselves locked out of programs critical to keeping their operations afloat.

More than 8.5 million Windows users were affected, according to Microsoft.

In the report, the company said it regularly makes what are known as security content configuration updates, intended to help the company observe, detect or prevent malicious activity, depending on the customer’s policy configuration.

A “problematic Rapid Response Content configuration update” carried an undetected error and crashed Windows systems, the company said in a preliminary post-incident review, published about five days after the incident.

CrowdStrike said it would improve testing of Rapid Response Content in future, in a variety of ways. It said a new check “is in process” in order to fix the faulty Content Validator that failed to vet the problematic content.

CrowdStrike also plans to stagger future deployments of updates so they are tested piecemeal – known as a canary deployment – before rolling it out at large.

Finally, the company said it would allow customers greater control over the delivery of such content, so they can select when and where updates are deployed.

CrowdStrike’s shares dropped nearly 30 per cent in the aftermath of the outage, slashing billions of dollars from its market value.

The US House Committee on Homeland Security requested Chief Executive Officer George Kurtz’s appearance and lawmakers called on him to explain how the company will mitigate risks of a similar incident in the future.

Shawn Henry, CrowdStrike’s chief security officer, apologized in a post on LinkedIn on Monday, saying that the company had “failed” its customers.

“The confidence we built in drips over the years was lost in buckets within hours, and it was a gut punch,” he said.

Submit a Comment Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Govt unveils scheme with up to Rs 9.6 lakh incentive on purchase of electric trucks under PM E-DRIVE
  • Asia Index launches BSE Insurance Index
  • IRDAI board meet on July 14, likely to approve new licenses
  • Extreme Weather: Euro Zone could lose 5% of GDP, says ECB
  • UP govt sets July 31 deadline for kharif crop insurance; farmers must report damage within 72 hours

Categories

  • Articles
  • Banking & Bancassurance
  • Blog
  • Breaking News!
  • Briefs
  • Climate, Environment, Renewable Energy
  • Data
  • Disaster & Management
  • Eco/Invest/Demography
  • Editorial
  • Events
  • Facts
  • Features
  • Health
  • Indian News
  • Intermediaries
  • International News
  • Interviews
  • Life
  • Main Menu
  • Non-Life
  • Pandemic
  • Pension & Social Security
  • Policy
  • Regulation
  • Reinsurance
  • Risk Management
  • Simple
  • Technology
  • Trends, Facts
  • Uncategorized
  • Wealth Management/ Philanthropy
  • Workplace/Employee Benefits
  • Home
  • Articles
  • Blog
  • Data
  • Facts
  • Editorial
  • Interviews
  • Eco/Invest/Demography
  • Indian News
  • International News
  • Health
  • Non-Life
  • Pandemic
  • Technology
  • Risk Management
  • Reinsurance
  • Banking & Bancassurance
  • Wealth Management/ Philanthropy