
Cloud security company CrowdStrike announced Friday that Windows PCs in the United States, United Kingdom, Australia, South Africa, and other countries experienced severe outages due to a CrowdStrike Falcon Sensor update error. Emergency services, airports, and law enforcement reported the outages, which are still ongoing.
“This was not a security incident or a cyber attack,” CrowdStrike said in a statement Friday morning.
On Friday afternoon, CrowdStrike expanded on that statement, saying, “We understand the severity of the situation and apologize for the inconvenience and disruption this may have caused,” and reassuring customers that the CrowdStrike Falcon platform itself is “operating normally.”
Blue Screens of Death Common Due to CrowdStrike Outage
Affected organizations saw the infamous Blue Screen of Death, a Windows system crash alert. The issue stems from an update to the kernel-level driver used to connect CrowdStrike to Windows PCs and servers.
American Airlines, United Airlines and Delta Airlines flights were delayed on Friday morning as the problem affected the airlines’ IT systems. British media outlet Sky News reported its own TV blackout Friday morning. The New Hampshire Department of Emergency Services system is reportedly back up and running after 911 service was disrupted early Friday morning.
“The issue has been identified, isolated, and a fix has been deployed,” CrowdStrike said on Friday. However, there are still reports of failures on some of the machines initially affected.
Microsoft 365 reported a service degradation warning Friday morning, but this appears to be a separate event.
According to data from Gartner emailed to TechRepublic, CrowdStrike accounted for 14.74% of total software revenue across all sectors and regions for security software in 2023. Microsoft’s share was 40.16%.
SEE: Downtime costs the world’s largest companies $400 billion per year, according to Splunk data.
What steps can an organization take if it is impacted by the CrowdStrike outage?
The first step is to determine which hosts are affected. Then, follow CrowdStrike’s instructions to repair or restore Windows.
Earlier today, Microsoft recommended restarting Azure virtual machines running the CrowdStrike Falcon agent. This may require multiple restarts, with some users reporting up to 15 before it succeeds. Other options are to restore from a backup prior to 04:09 UTC on July 18, or to try to repair the operating system disk using a repair virtual machine.
“Due to the way the update was deployed, recovery options for affected machines are manual and therefore very limited,” said Andras Cser, vice president and principal analyst at Forrester, in an emailed statement to TechRepublic. “Administrators must connect a physical keyboard to each affected system, boot into safe mode, remove the infected CrowdStrike update, and then reboot. Some admins also said they were unable to access their BitLocker hard drive encryption keys to perform remediation steps.”
CrowdStrike recommends its customers stay in touch with a CrowdStrike representative. Organizations, even those not directly impacted, should contact their SaaS partners to see if they are experiencing issues.
Beware of misinformation
Since the incident affected such a wide range of major organizations, the potential for misinformation was high.
“There is a lot of misinformation online about how to reconfigure your computer or which critical system files to delete,” said Evan Dornbush, a former NSA cybersecurity expert, in an email to TechRepublic. “Don’t fall victim to downloading fake solutions.”
“Similarly, this is a good time to rethink password management, as repairs may end up requiring administrative access to a system that has not been rebooted for quite some time,” he said.
Evaluate your recovery plan and support your team
Assess your organization’s reliance on a particular provider or service and ensure your organization has a strong recovery process in place.
This is also a good time for IT team leaders to ensure their people have the support they need.
“The outage occurred on a Friday night in some areas, when people were heading home for the weekend,” Forrester principal analyst Allie Mellen said in an email to TechRepublic. “Technology incidents like this require an all-hands-on-deck approach, and your team will be working around the clock over the weekend to recover. Support your team and make sure they get enough support and downtime to avoid burnout and mistakes. Clearly communicate roles, responsibilities, and expectations.”
When reached for comment, CrowdStrike directed TechRepublic to its official statement.
This article will be updated as more information comes in. TechRepublic has reached out to Microsoft for comment.