Deep Dive – CrowdStrike auto-update disaster

Threat Talks - Infographic Security Fallacies
Listen to Threat Talks - Cybersecurity Podcast on Spotify
Listen to Threat Talks - Cybersecurity Podcast on YouTube
Listen to Threat Talks - Cybersecurity Podcast on Apple Podcasts
Listen to Threat Talks - Cybersecurity Podcast on Amazon Music

CrowdStrike Auto-Update Disaster

The fallacy of automatic updates

Last July’s CrowdStrike outage led to closed airports, inaccessible bank accounts and hospitals that were only delivering emergency care that did not require any computers. What exactly happened has been discussed at length, but could anything have been done to prevent this outage from having such a disastrous impact on so many people and companies?

In this episode of Threat Talks, host Lieuwe Jan Koning is joined by Rob Maas and Jeroen Scheerder as they discuss the misconfiguration in CrowdStrike’s QA process that led to a faulty file going undetected, eventually leading to the by now infamous 8.5 million blue screens of death.

Taking CrowdStrike as an example, they discuss the inherent risks of automatic updates, especially for critical systems, where even minor oversights can result in significant operational disruptions.


Explore the Hack’s Route in Detail

Find a complete overview of the CrowdStrike Auto-Update Disaster and other attacks featured in Breaking the Illusion: Exposing Security Fallacies:

Your cybersecurity experts

- Lieuwe Jan Koning, Co-Founder and CTO, ON2IT Group
- Luca Cipriano, Threat Intel Specialist, ON2IT
- Rob Maas, Field CTO, ON2IT

Episode details

CrowdStrike Falcon is an XDR platform that specializes in endpoint detection and response (EDR).

On July 19, 2024, CrowdStrike released an automatic update for its Falcon product that contained a defective file. The update impacted over 8.5 million systems and led to an estimated financial loss of at least $10 billion globally.

Due to a misconfiguration in the Quality Assurance (QA) process, the faulty file went undetected, leading to widespread system crashes and Blue Screen of Death (BSOD) errors across various sectors, including hospitals, airports, banks and government agencies.

This incident highlights the risks inherent in automatic updates, especially for critical systems, where even a minor oversight can result in significant operational disruptions.
