CROWD STRIKE

 CROWD STRIKE - JULY 2024


Crowdstrike is a software company which caused a global IT disruption affecting about 8 million windows machines. it impacted critical sectors like airlines as well as hospitals which lead to operational issues losses amounting to 5.4 billion for the fortune 500 companies. 

The cause of the disruption was a out of bounds memory read due to a mismatching in expected input fields. The issue was made worse by not enough testing a roll out which was simultaneous to the customers.

For incidents like this to minimized in future there needs to be thorough testing of protocols and to make sure there compatibility with older formats. rollouts should be phased to identify any issues which can be resolved on a smaller scale before a full deployment. additionally there is growing push to move security solutions out of windows kernel to reduce the likely hood of critical failures.

Crowdstrike reputation as a lead cybersecurity firm was severely impacted and  future business opportunities could possibly be hindered. they also had to compensate the affected clients and faced substantial costs to fix the issue. there is also potential legal action that will be taking against Crowdstrike by affected parties. 

on the other hand clients face operational disruptions, there were loads of reports of hospitals planes and other services disrupted by this incident. companies had concerns over data security and integrity as possible exposure could have occurred. financial losses was significant as there was a estimated 5.4 billion wiped of the Fortune 500 companies.



Comments

Post a Comment

Popular posts from this blog

PASSWORD POLICY

Image
 A strong password policy is crucial to safeguard information deemed to be sensitive and prevent unauthorised access. a strong password will include a mix of lowercase and uppercase letters, numbers and special characters and longer passwords are even more secure. easily guessable passwords should be avoided like names, birthdays or common words. to better security consider adding features like password expiration dates, forcing users to change their passwords regularly. you can also add a mechanism for any multiple failed attempts to help deter brute-force attacks. Here is an example of a strong password - P@s5w0rd!_#24 This password should meet all the criteria to be considered a strong password . It includes a combination of numbers, upper and lower case letters and special characters. It is long enough making it difficult to crack. additionally it does not contain any easily guessable information. Strength Test -The example password was tested on reputable website which checks ...
Read more

Data Breach

 A data breach is when someone or individuals gain access to unauthorised data which is deemed to be confidential or sensitive in nature. the information breached is usually stored on electronically and can be the action of a cyber attack, weak security measures or down to human error. The implications of a data beach for companies can be dire, there could be a financial impact , including running high cost in dealing with such a breach. companies will also be subject to high  fines if they are found to be not complying with data protection laws. damage to reputation is also severe which would lead to loss of customer trust and loosing market share.  clients whose data has been compromised, also face repercussions, these personal information such as their social security, bank cards and even medical records can be used for identity theft and financial fraud. This effect can have substantial personal and financial harm, leaving individuals to to spend time as well as resou...
Read more

Configuring Microsoft Defender Firewall

Image
                                                     Whitelisting IP Address Using Microsoft defender click on advanced settings which will give you more control over your inbound and outbound rules.   in advanced settings in the left hand plane click on inbound rules and then select new rule  Open Learn Access Control Lists screenshot - Completed 
Read more