CrowdStrike CEO apologizes for faulty software update that apparently caused global economic mayhem – IOTW Report


Blaze

The leader of one of the largest cybersecurity enterprises in the world has apologized after a faulty software update apparently brought global airline industries and many online transactions to a grinding halt.

Before 6 a.m. on Friday, George Kurtz — CEO of Texas-based cybersecurity giant CrowdStrike — took to social media to acknowledge that “a defect found in a single content update for Windows hosts” had led to a major breakdown in Microsoft operations.

As a result, more than 18,000 flights from around the world were grounded, 1,200 in the U.S. alone, according to joint reporting from The Hill and the AP. Banks and 911 dispatch stations were also thrown offline. Even the Sphere in Las Vegas was affected, projecting the dreaded “blue screen of death” into the night sky.

While CrowdStrike’s update issue may have inconvenienced millions of people worldwide, it is apparently not the work of malicious actors, at least according to Kurtz. “This is not a security incident or cyberattack,” he insisted.

23 Comments on CrowdStrike CEO apologizes for faulty software update that apparently caused global economic mayhem

  1. Yeah, right. Like I believe you weren’t testing something nefarious that you have planned for election day.

    We need paper ballots with people counting them. NO computers, NO electronics at all.

    21
  2. All of my critical Production systems have air gap firewalls, are NOT in any way managed by third parties, and use VPN tunneling with temporary physical connections and highly exclusive routers if we need one of our OEMs to assist, and THEN only with one of OUR people in close contact with them and watching the operation at the system in question.

    And backups, backups, backups.

    …the problem with third party management is that they apply generic solutions and do not understand your specific process, and also they don’t suffer the consequences of YOU having to tell YOUR customer you can’t meet your contractual requirements. I don’t even trust my own IT department with my tool computers because IT people live in a world where everything’s virtual and about as consequential as a videogame, and my tool computers are actually controlling industrial machinery that can kill customers with bad processes and kill workers with unexpected movements and overheating/overpressurization, and they also know NOTHING about the specific Federal Codes we operate under and how NOT to violate them with improper system manipulation.

    The only safe firewall is an air gap between your LAN and the world. Use dedicated servers to talk to the world and DIO bridges to pass things like production information to the world, as there’s no way critical systems can be shielded from hackers and idiots alike otherwise.

    7
  3. 911 system loss is pretty damn ugly too. It was bad enough when 911 was just for inbound calls, but with computer aided dispatch it affects outgoing information too. Back in the day we had non-emergency police and fire numbers, but no department keeps a backup dispatcher locally on standby in CASE the comm center fails, and those numbers largely don’t exist anymore anyway.

    You think THIS is fun, wait till they take down power plants and water treatment facilities.

    That could quickly become a WHOLE lot worse.

    6
  4. CrowdStrike is a left leaning organization that works with the democrat party. I wouldn’t be surprised if they were providing security for our elections. This was probably a dry run of some sort. I don’t trust anything anymore.

    13
  5. Here on X is a listing of the crash log and an explanation of what it shows. If you’re a techie, click HERE. Short version: after update, CrowdStrike code attempted to read from a null pointer, meaning a (low address) system driver. That’s a capital-N No-No.

    The code is C++, known to be unsafe because a compiled object isn’t checked for this obvious newbie error. It is such a fundamental screw-up it calls into question the competence of CS’s coders, QC checks, system and integration test procedures, and product management’s simple understanding of what their product does and how it is interfaced with the Windows operating system.

    This error NEVER SHOULD HAVE HAPPENED. It is so unbelievably terrible that CrowdStrike’s ability to survive the fallout is really iffy.

    I hope they fail now. They’re the bad guys. They should also be apologizing to their investors and share-holders. Finally, I suggest they should look into the non-govt equivalent of Witness Protection so they can disappear before they are “disappeared”.

    8
  6. I heard two theories:

    1) it was a test for causing mayhem during the elections

    2) it was shut down as an opportunity for the deep state to “get in” to cover their electronic tracks with the assassination attempt.

    My paraphrasing here is very simplistic.

    8
  7. Clownstrike…same outfit the FBI used to find that Russia hacked the DNC servers. And then Seth Rich got killed in a rObBeRy GoNe bAd. And Imran Awan got a slap on the wrist by Judge Amy Chutkan, then he fled back to Pakistan. Avoid Clownstrike like the plague.

    5
  8. Crowdstrike. The evil intent is in the name. The left are too proud of the chaos to hide anymore.

    “This is a test. This is only a test..” Disruptions and system shut downs will be the norm from now on.

    The upcoming November elections have set off this insanity. The left is losing “bigly”. They don’t want to lose control.

    5
  9. CrowdStrike is likely an NSA/CIA/FBI/DIA front organization. They’re the same clowns who claimed “Russians” hacked the DNC and released embarrassing e-mails in 2016 when the Occam’s Razor obvious choice was the disgruntled Bernie Sanders supporter Seth Rich who was the administrator for that same e-mail server. We’ll never know if Rich actually did do that because someone murdered him on the streets of DC (but, bizarrely, left his cash, wallet, phone, and watch on his body). That’s one way to ensure a conjured up narrative goes unchallenged.

    The CrowdStrike CEO even acted like a fed by not even bothering to apologize nor take personal responsibility for the disaster his company just caused to critical business and services all over the globe who stand to lose billions, and lives may be lost in hospitals whose critical IT systems are now in disarray. If CrowdStrike doesn’t get sued out of existence by year’s end, then it’s proof that they are just a front for intel agencies. A front that has software sitting on the networks of virtually every major bank, corporation, government agency, and hospital in much of the industrialized world.

    What are the odds we’ll have another “mistake” like this made on the next US election day?

    4
  10. The internet is like a 100 foot tall monster with no central brain. We all are forced to depend upon it. But he just keeps stumbling around till he seriously breaks something. Now he’s done it.

    Recall the conditions of the 1870’s and 1880’s. When some cowboy’s horse broke its leg and had to be destroyed, it didn’t take the whole world down with it.

    1
