Global Outage Caused by Anti-Virus Update from Crowdstrike

 

A recent update from the anti-virus firm Crowdstrike has led to a global outage affecting millions of Windows users. The incident is being termed one of the most extensive outages ever, impacting numerous services and companies worldwide. Crowdstrike, a company many may not have heard of before, inadvertently caused this disruption with a problematic update to its Falcon virus scanner. The update led to widespread reports of the infamous Blue Screen of Death (BSOD) on computers running Windows. 

Microsoft quickly clarified that the issue was due to a third-party problem, absolving itself of direct responsibility. Users of Apple and Linux systems were unaffected, which brought some relief to those communities. Crowdstrike has since released a fix for the issue, but the recovery process remains cumbersome. IT professionals have noted that each affected machine requires a manual reboot in safe mode to restore normal operations. Because this requires physical access to each device, the resolution process is even more challenging. There is currently no indication that the issue was caused by malicious intent or that any data has been compromised.

Nonetheless, this incident highlights the crucial importance of staying updated with software patches, albeit with a note of caution. The cybersecurity community continues to stress the necessity of regular updates while acknowledging the occasional risks involved. Crowdstrike’s initial response fell short of an apology, which drew significant criticism online. However, CEO George Kurtz later issued a public apology via NBC News, expressing deep regret for the disruption caused to customers, travelers, and affected companies. This gesture, while somewhat late, was an important step in addressing the public’s concerns. This episode serves as a stark reminder of our heavy reliance on remotely managed devices and the vulnerability that comes with it. 

Despite robust systems in place to catch most issues, some problems, like this one, slip through the cracks. The timing of the update, which was pushed out on a Friday, compounded the difficulties, as fewer staff are typically available over the weekend to address such crises. For Crowdstrike customers, detailed instructions for the fix are available on the company’s support website. Many companies with dedicated IT teams are likely coordinating their responses to ensure a swift resolution. 

Unlike many outages that resolve themselves quickly, this incident will take days, if not longer, to fully mend, illustrating the significant impact of a single flawed update in our interconnected digital world.

Everything You Need to Know About Crowdsource Security


Crowdsourced Security 

Organizations of all sizes conventionally use penetration testing to secure their systems. Pen testing simulates a cyberattack with the goal of exposing security flaws, much like any real attack would. Unlike in an actual attack, these vulnerabilities are patched once they are identified. This ultimately boosts the organization's overall security profile.

However, there are some problems with pen testing:

  • It is generally performed annually, which is not sufficient since all software is updated on a regular basis. 
  • Since cybersecurity is a saturated market, pen testing companies sometimes “find” vulnerabilities where there are not any in order to charge for their services and differentiate themselves from their competitors. 
  • Their services are quite costly. 

Crowdsourced security, by contrast, operates on an entirely different model. It centers on inviting a group of people to examine software for security flaws. Companies that use crowdsourced security testing invite an individual or the general public to test their products. This can be done directly or via a third-party crowdsourcing platform.

3 Types of Crowdsourced Security Programs

Most crowdsourced security programs operate on the same basic concept of financially rewarding those who detect a flaw or vulnerability, but they can be categorized into three main types:

1. Bug Bounties 

Almost all tech giants have an active bug bounty program. The model is simple: someone discovers a bug, reports it, and receives a reward.

These rewards range from a couple of hundred dollars to a few million, so it is understandable that some ethical hackers live solely on finding software vulnerabilities.

2. Vulnerability Disclosure Program 

Vulnerability disclosure programs are very similar to bug bounties, but there is one key difference: these programs are public. 

3. Malware Crowdsourcing 

What if you download a file but are not sure whether it is safe to run? How do you check if it is malware? If you were able to download it in the first place, your antivirus program does not identify it as malicious, so you can head over to VirusTotal or a similar online scanner and upload it there. To determine whether the file in question is malicious, these services combine the results of scores of antivirus programs.

Crowdsourcing Security to Protect Against Cybercrime 

Cybersecurity has existed since the development of the first computer. It has transformed over the years, but the ultimate goal has remained the same: to protect against unauthorized access and theft. In an ideal world, there would not be any need for cybersecurity. In the real world, however, securing oneself makes all the difference.

All of the above applies to both businesses and individuals. While an average individual may stay somewhat safe online if they adhere to basic security procedures, organizations need a comprehensive strategy to deal with potential threats. Such an approach should be based mostly on zero trust security.