Crowdstrike... safety and security... for your own good.
- Thread starter secpar
- Start date
ClippyBeer
Moderator
No one here has to worry about that. This affects organizations that used the Crowdstrike service which turns out was a vast majority. It will affect you if you try to book a flight or doctor's appointment. This is what happens when you outsource your IT.
Below is a really good explanation of what happened by Chris Titus.
Although problem was entirely caused by CrowdStrike. My feedback from friends is there was a precautionary shut down by many companies and government institutions to deal with any problems. CloudStrike is so intrinsically embedded, that many people blamed Microsoft, because it updates with “Windows Update”
One would have thought they would test on Sandboxed systems, before releasing the update in the wild; my hunch is, they didn’t.
Apparently, the problem being relatively simple to fix, except you have to boot into “Safe Mode”, always fun on Windows 11. And fix has to be done at Data Centre, it cannot be done remotely.
They only have 29.000 customers. Problem being – 300 of the top Fortune 500 Companies use it, along with governments.
Although problem was entirely caused by CrowdStrike. My feedback from friends is there was a precautionary shut down by many companies and government institutions to deal with any problems. CloudStrike is so intrinsically embedded, that many people blamed Microsoft, because it updates with “Windows Update”
One would have thought they would test on Sandboxed systems, before releasing the update in the wild; my hunch is, they didn’t.
Apparently, the problem being relatively simple to fix, except you have to boot into “Safe Mode”, always fun on Windows 11. And fix has to be done at Data Centre, it cannot be done remotely.
They only have 29.000 customers. Problem being – 300 of the top Fortune 500 Companies use it, along with governments.
CrowdStrike were the liars that said the DNC servers were hacked by Russia.
In their own words.
https://www.crowdstrike.com/blog/bears-midst-intrusion-democratic-national-committee/
Now proved to be completely false. Although those with that don’t have any engineering, computing or science background still believe it.
The story by CrowdStrike was: That over 70 gigabytes of data including all emails and attachments was stolen from the DNC servers in the timeframe of minutes Over the Internet by Russia. Wow the DNC must have some serious optical fiber connections especially for 2016. They didn’t actually provide any hard evidence though.
https://www.realclearinvestigations...d_no_proof_of_russian_hack_of_dnc_123596.html
In their own words.
https://www.crowdstrike.com/blog/bears-midst-intrusion-democratic-national-committee/
Now proved to be completely false. Although those with that don’t have any engineering, computing or science background still believe it.
The story by CrowdStrike was: That over 70 gigabytes of data including all emails and attachments was stolen from the DNC servers in the timeframe of minutes Over the Internet by Russia. Wow the DNC must have some serious optical fiber connections especially for 2016. They didn’t actually provide any hard evidence though.
https://www.realclearinvestigations...d_no_proof_of_russian_hack_of_dnc_123596.html
Democratic National Headquarters are located at 430 South Capital Street. With the size of the building, they could easily have a small Data Centre in there. Data Centre to Data Centre is easily possible for 70GB in minutes, especially at night since the will have the capacity to handle day time enquiries and usage even in 2016. You are thinking of Political Parties in the UK. American political parties are on an entirely different scale.
I still agree though, for the simple reason CrowdStrike admit they found no evidence to support their claim and I tend to believe Julian Assange over them.
I'm not an expert like some of the folks here, but I know there are vastly complicated pieces of machinery; so complicated in fact, it's hardly distinguishable from magic and imagination, yet there it is.
TL;DR... when they say it's hacking, it's deception and/or coverup.
Hacking is possible, but not to the glory and the standards that get all the hype and attention. Large hacking operations are carried out by "hidden powers."
I'm not an over excited man: I just know when certain things happen, it's usually just an action token towards a far bigger "big picture" idea.
TL;DR... when they say it's hacking, it's deception and/or coverup.
For the complex machinery that's in place, and computers are vastly complicated pieces of machinery in the strictest sense, the blanket statements we get about "hacking" is often never the true situation and is very much an inside operation that plays on the ignorance of the masses (they just don't know, and mostly don't care) and what popular media has fed to them.
If filmmakers glorify hacking operations, then in real life when something happens, the blame can be shifted to a boogie man and formulate a story around it. Something bad happens, blame hackers, and work towards a recovery. Most people, we'll call them ditto heads, will repeat what they've been told. Slow like molasses and just as smoothly the news becomes something of folklore.
The same thing basically happens with school shootings as well, except as kind of a retrograde motion. Media glorifies that, which perpetuates it both naturally (via useful idiots) and by design (via social engineering).
If filmmakers glorify hacking operations, then in real life when something happens, the blame can be shifted to a boogie man and formulate a story around it. Something bad happens, blame hackers, and work towards a recovery. Most people, we'll call them ditto heads, will repeat what they've been told. Slow like molasses and just as smoothly the news becomes something of folklore.
The same thing basically happens with school shootings as well, except as kind of a retrograde motion. Media glorifies that, which perpetuates it both naturally (via useful idiots) and by design (via social engineering).
Hacking is possible, but not to the glory and the standards that get all the hype and attention. Large hacking operations are carried out by "hidden powers."
I'm not an over excited man: I just know when certain things happen, it's usually just an action token towards a far bigger "big picture" idea.
It is only Windows 10 and 11 that are affected. Those updates are for Win10/11 and only users that use crowdstrike are affected. I don't and was not using win10 during it anyway.
Yes, yes, these are facts. But the delivery method was windows update. I never got into Windows 7 myself, but after Windows 7 is when they started mandating (aka taking control of) windows updates via automation. Yes, there are ways of turning those off... but generally speaking, this complicates things. I've managed to do it for some folks' windows 10 machine.
My motto with computers: "if it ain't broke, don't fix it" and "if it works, don't change it."
I do suspect this was all just a test, or will work itself out to being one. It's just a matter of time before it gets exploited.
Are you talking about automatic updates?
ClippyBeer
Moderator
None of my Windows 10 computers are affected nor are anyone's home computers unless they are using one provided by their employer that has a Crowdstrike subscription.. Crowdstrike is some cloud based security "solution" that a huge amount of organizations and businesses relied upon.
Endpoint, Cloud & Identity Protection Products | CrowdStrike
Delivered from the cloud, our products are battle-tested to stop breaches. Explore CrowdStrike's suite of cybersecurity products here!
www.crowdstrike.com
The update for Crowdstrike was delivered via Windows update so it wasn't update itself (although Windows update is famous for causing other issues - BSODs, hardware stopped working etc.). Updates are disabled on ALL my devices, no problems whatsoever.
Be prepared for more catastrophes like this occurring frequently due to decision makers buying into the BS that AI/Cloud will reduce costs while providing the same level of service that was done in-house.
So glad I don't work in IT anymore. It's Friday and almost beer o'clock.
I discussed this with Madeleine and a number of other people on Sunday. The homeworkers that were affected and there were many. Were affected in two ways, that we were personally aware of.
1. Company IT/management requested everyone log off and finish work early, so that the engineers could deal with the problem.
And/or
2. They were using company machines that were set to auto update windows and this is when people noticed they could no longer access files on the companies servers, so basically they couldn’t work. No one knew of anyone personally that got a blue screen and couldn’t reboot. I am not sure exactly how CrowdStrike is implemented, but appears to be just on companies’ main servers. (This is just our limited experience of course)
Obviously, this was still catastrophic, because even small doctors’ surgeries could not access patient records and a number of big companies that people use, could not be accessed. A lot of the billions lost was the knock-on effect of panic. For instance, the restaurant we went to on Sunday was only taking cash even though it was only Visa that was affected.
CrowdStrike still has not recovered.
1. Company IT/management requested everyone log off and finish work early, so that the engineers could deal with the problem.
And/or
2. They were using company machines that were set to auto update windows and this is when people noticed they could no longer access files on the companies servers, so basically they couldn’t work. No one knew of anyone personally that got a blue screen and couldn’t reboot. I am not sure exactly how CrowdStrike is implemented, but appears to be just on companies’ main servers. (This is just our limited experience of course)
Obviously, this was still catastrophic, because even small doctors’ surgeries could not access patient records and a number of big companies that people use, could not be accessed. A lot of the billions lost was the knock-on effect of panic. For instance, the restaurant we went to on Sunday was only taking cash even though it was only Visa that was affected.
CrowdStrike still has not recovered.
As Windsor Davis said: “Oh dear, how sad, never mind.”
