CrowdStrike Falcon shutting down systems last Frday

[jaylach]

I have seen much concern as to when this is going to hit home systems... it isn't. While Microsoft is getting blamed they had nothing to do with the issue. The problem was an automatic update put out via CrowdStrike Falcon that affected Microsoft 365 which killed systems. Since MS 365 was affected it was better for media to blame Microsoft as they are the better known name.

You have to understand that CrowdStrike Falcon is a cloud based security system and has extensive privileges within an OS. It is doubtful that IT has much if any real control over the thing including updates. It must also be understood that this was not an attack but rather seems to have been a faulty update affecting Microsoft 365. Other than MS365 being what was affected causing the issues Microsoft actually had nothing at all to do with this but are the better known name to blame to get more media views.

https://www.nbclosangeles.com/news/national-international/what-is-crowdstrike/3463848/

So why were corporate systems affected while home systems were not? Apparently crowdstrike is VERY expensive and not something that a home user would install. This seems to be cyber security software that is designed for large corporations and has extensive access to deep system code, more access than I'd allow on any of my systems. Think of Norton when it could kill a system when removed unless you used their specific removal tool. It seems that, by design, IT personal have no real control over the thing. It would seem that IT cannot prevent or even delay updates as it is fully automated and seems to have full system control. Not something that I'd allow on any of my systems...

Had another link with a bit more detail but removed as, after the first viewing, it insisted on a subscription to read...

 

[Colin_T]

I think the world wide shutdown of big computer systems was hilarious. One little update wiped out the world

Microsoft has done the same thing but on a much more destructive scale and are a terrible company. In 2016 they did a 5-6GB patch (auto update) on Windows 10 and destroyed millions of computers around the world. They did another patch, albeit smaller, a year or so later and stuffed up more computers. And they have done 2 more patches since then that have screwed up computers running Windows 10 operating systems. These last 3 patches were fixable but the one in 2016 little destroyed computers and they never worked again.

The governments around the world need to force computer companies like Microsoft to have auto updates that can be turned off and actually stay off. Instead, they no longer have that option and they force their updates onto people's computers whenever they want and most of the time they don't test the updates first.

Microsoft is playing God with our computers and will continue to do so until they are brought under control. If they aren't brought under control, we will end up in I Robot with Will Smith and the computer companies will do a bugged update and kill us all (assuming we live through the next 12 months with lunatics taking control of various countries (but we don't talk about that here). Apple and other software companies do the same as Microsoft but are not as bad.

 

[Essjay]

Has anyone been personally affected? Not from their personal equipment but by a company being affected.

There are reports in the UK of airports having to check passengers in manually; of banks not being able to process wage payments; of doctors having to close as they cannot access their systems; pharmacies unable to access digital prescription records and so on.
I have an appointment for a routine check up at my GP next Thursday, hopefully that won't be cancelled.

 

[Colin_T]

I found out about it Friday night my time (in Western Australia) and it had been going on for a couple of hours by then. Apparently government computers, banks, shopping centre self service checkouts and a number of hospitals were unable to do anything. None of these really impacted me but hospitals were turning away patients and going back to pen and paper instead of using their computers.

Theoretically it should be fixed by Monday or Tuesday at the latest and I doubt you will have an issue with a doctor's appointment on Thursday. If they have to they can use the old pen and paper method too.

 

[Essjay]

Hopefully!



Family history - many of my family tree, even in the twigs, are buried in a council owned cemetery in the town I was born. The council has a database on their website listing every burial and cremation carried out there, including lists of every person buried in every grave. I have not been able to access this database since Friday and the home page of the council website warns that many services are currently unavailable. This doesn't affect me except for being frustrated, but what about people living in that town who need to access council services?

 

[Ichthys]

Someone on the news said every affected system will need to be physically rebooted, which apparently will take years. Is that true?

 

[seangee]

Unfortunately most home users (and many small businesses) have no idea just how big cyber crime and security is. When my wife set up her small business I chose an alternative to CrowdStrike but it was on the short list. On average her business has over a million attempted breeches every month. This is a small law firm with only 4 employees. Since we pay for the service its also installed on our home computers. Last night she was buying something on a well known clothing shopping site and 7 attempts were made to install malware on her PC in the space of 15 minutes. Chances are the business concerned has no idea their website has been compromised.

Don't blame the big companies for trying to make the world safer. Yes CrowdStrike screwed up, but they put their hands up and will learn from the experience.
For context:

1. Her cyber-insurance premiums are higher than those for public liability
2. She spends more on IT security a month than on her case management system
3. She could not stay in business if she chose to do everything old school - i.e. letters, telephone and fax. And clients / customers simply would not accept that it takes a week to get a response to a letter these days (neither would I!)

The dark web you see in movies / TV series is actually real.
I happen to work in a super sensitive area where financial cyber crime is a very real threat. Today we are working on defense against quantum computer attacks. Quantum computing is currently so expensive only the really massive corporations can afford it. Yet somehow its already being used by cyber-crime syndicates because they have enough money to pay for stuff only the likes of Microsoft / Apple / Meta / Amazon can afford.

 

[Ichthys]

This is one reason why I use my phone rather than a computer. Malware doesn't seem to have reached phones yet in a big way.

 

[seangee]

This is one reason why I use my phone rather than a computer. Malware doesn't seem to have reached phones yet in a big way.

Assuming you mean a dumb phone that only makes and receives calls

 

[GaryE]

One of my relatives chose a life of crime. Most of the family were wary of him, but he died an old man who never went to prison, and made a very good living at his business. He always said he was living the American Dream.

Most of the time, he was an office worker for his gang. If he were still living, I have no doubt he'd be in the IT Department of the mob. Cyber crime seems an enormous growth industry. It's like the social version of Mycobacter in fish - all around us, destructive, but no one wants to talk about it.

 

[AJ356]

CrowdStrike incompetence.... you had one job...

 

[Fishfunn]

I was a fulltime software engineer until I retired.

Don't blame the big companies for trying to make the world safer. Yes CrowdStrike screwed up, but they put their hands up and will learn from the experience.

Crowdstrike software bug is a pure example of not doing proper testing of software before a release. No bugs should ever be introduced into the market due to a lack of testing. Yes, software companies get what they deserve when they offshore software development for cheap labor in foreign countries. It is not the best and brightest that drives these profit-seeking stock option bonus CEOs; it is cheap and easy labor.

Most of the time, he was an office worker for his gang. If he were still living, I have no doubt he'd be in the IT Department of the mob. Cyber crime seems an enormous growth industry. It's like the social version of Mycobacter in fish - all around us, destructive, but no one wants to talk about it.

There is an old saying I heard in the movie Scarface that applies: "Never underestimate the other guy's greed!".

 

[Lcc86]

Has anyone been personally affected? Not from their personal equipment but by a company being affected.

There are reports in the UK of airports having to check passengers in manually; of banks not being able to process wage payments; of doctors having to close as they cannot access their systems; pharmacies unable to access digital prescription records and so on.
I have an appointment for a routine check up at my GP next Thursday, hopefully that won't be cancelled.

I live near Gatwick and the news said the trains were all affected but I could definitely hear them all and the National Rail app didn't report any delays or cancellations when I checked (albeit I didn't keep checking throughout the day). I did hear on the news that GPs are still struggling, I'm not sure why they seem to be more affected than other services?

 

[Essjay]

Wasn't the NHS affected a few years ago when they didn't update their software like Microsoft said they should and someone got in which would have been prevented if they'd updated?

This is currently on the council website's homepage where I can't access the cemetery database, though knowing councils there's probably been no-one in the IT department over the weekend.

 

[TwoTankAmin]

I did not read a lot of the posts above. I was affected a bit. I do my investing with Charles Schwab. A number of the features on their site did not work at all or did not work properly.

But I was reading the news online this morning and came across this article:

Southwest Airlines Saved From Global IT Outage Thanks To 32-Year-Old Microsoft System

Summary​

• Many carriers experienced software outages due to CrowdStrike; Southwest was unaffected.
• Southwest and FedEx operate on Windows 3.1, avoiding the CloudStrike glitch.
• While Microsoft resolved the root cause, millions of travelers remain grounded.

Dallas-based Southwest Airlines was unaffected yesterday by the outage that has plagued carriers in every corner of the globe. This is due to the airline working from Windows 3.1, a version that was first released in April 1992 as the successor to Windows 3.0

My first version of windows was 3.0 and the 3.1 upgrade really improved on that. I consider windos 10 to be one of the worst versions of windows and a;so the most invasive piece of software I have ever allowed on my PC. I do not have a Microsoft accoutm, I have a private account, I do not voluntarily send any data to MS, and I also have anything related the the Edge brower from being used or updated. I have a good PC huy who does this sort of stuff for me.

I still have my older PC with Windows 7 because it has the photo editing software I know how to use. Most of the features in Miscorosoft software I use I wish I coud remove. They only make things harder not better or easier to use. I have Outlook 2016 on my PC and I do nothing in the cloud. I also tend to block AI where I can on my PC.

Let us not forget that Microsoft thinks were are all idiots when it comes to using a PC, so the keep taking more and more contol of this out of out hands. "Big Brother" is becoming more of a reality every day now.

Big Brother is a character and symbol in George Orwell's dystopian 1949 novel Nineteen Eighty-Four. He is ostensibly the leader of Oceania, a totalitarian state wherein the ruling party, Ingsoc, wields total power "for its own sake" over the inhabitants.

Here is why Google Search has become worse and worse over time. When I searched for Big brother all that came up was pages about the TV show which I did not know existed. I had to add "book" for Google to give me the answer I wanted- when was it published. 1984 was pretty much required reading when I was in school/college in the 1960s.

The digital era now seems to be doing it's best to make people all stupid again.