Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Digital Disaster. Show all posts
IT Security
CrowdStrike CrowdStrike outage Cyber Attacks Cyber Security Vendor Digital Disaster Global IT Outage IT Security

Navigating the Impact of Major IT Outages: Lessons from the CrowdStrike Incident

 

On Friday, a critical software update by cybersecurity firm CrowdStrike led to a massive outage, affecting around 8.5 million Windows machines globally. This incident serves as a stark reminder of the importance of preparedness for IT disruptions. Experts from CIO Journal have shared their insights on how organizations can better prepare for similar scenarios in the future. Understanding vendor practices is crucial. 

IT leaders should hold vendors, like CrowdStrike, to high standards regarding development and testing. Neil MacDonald, a Gartner vice president, emphasizes the need for thorough regression testing of all Windows versions before any update is released. IT managers must ensure that vendors are transparent about their software development processes and offer options for phased updates. With automatic software updates becoming standard practice, the CrowdStrike incident highlights the need for caution. Paul Davis from JFrog suggests prioritizing testing for updates based on their potential impact. 

Although testing every update may not be feasible, automation and AI tools can assist in managing this process efficiently. Jack Hidary from SandboxAQ advocates for AI-driven error detection to enhance software reliability. Developing a robust disaster recovery plan is also essential. Gartner’s MacDonald likens a major IT outage to a natural disaster, advising businesses to prepare similar recovery strategies. Establishing a “clean room” environment for restoring critical systems and conducting regular tabletop exercises can help maintain operational resilience. Regular data backups also mitigate the impact of such outages, as noted by Victor Zyamzin from Qrator Labs. Reviewing vendor contracts and insurance coverage is another vital step. Companies should scrutinize their agreements for clauses that ensure vendor reliability and explore compensation options for outages. 

Peter Halprin from Haynes Boone underscores the importance of cyber insurance, which can provide financial protection against business income losses due to IT disruptions. Finally, organizations may need to reassess their reliance on specific platforms. The CrowdStrike update, which primarily affected Windows-based systems, raises questions about whether businesses should consider alternative operating systems like macOS or Linux. As Chirag Mehta of Constellation Research points out, evaluating the necessity of deeper access provided by Windows might lead some to adopt simpler systems like Chromebooks.

The CrowdStrike outage underscores the importance of rigorous testing, effective disaster recovery plans, careful vendor and insurance management, and a thoughtful approach to platform selection. By addressing these areas, businesses can better prepare for future IT challenges and safeguard their operations.
Read more »
Information Commissioner Office
Data Breach Digital Disaster Electoral Commission Information Commissioner Office

Digital Disaster: Electoral Commission Data Breach Leaves 40 Million UK Voters Exposed

 


In the wake of the revelation that a hostile cyber-attack between February and May of last year was able to access the data of 40 million voters without being detected, along with the lack of notification to the public for about ten months, public confidence in the UK's electoral regulator has been sorely tested. 

It is estimated that the personal information of approximately 40 million U.K. voters has been vulnerable for over a year – as a result of the Electoral Commission falling victim to a complex cyberattack. It has been reported that in October 2022, the Electoral Commission noticed suspicious activity on its network and confirmed that it had detected it. 

The Electoral Commission is responsible for supervising elections in the country. Unidentified "hostile actors," however, gained access to the company's systems over a year earlier, in August 2021, and it was later revealed that the company had been compromised by such actors. 

There have been reports to the Information Commissioner's Office (ICO) as well as the National Crime Agency that the attack was detected within 72 hours after it was reported to them. An intrusion allowed unauthorized access to the servers of the Commission, which house email, control systems, and copies of the electoral registers that the Commission maintains for research purposes, having enabled the intrusion to become successful. It is currently unknown who the intruders are and where they came from.

However, the Commission did tell the BBC and The Guardian that it delayed this disclosure by another 10 months to prevent the adversary from getting access to the network, investigate the extent of the breach, and enforce security safeguards. It is not clear why the disclosure was delayed by another 10 months. 

As noted in the report, the Commission noted that the data that can be accessed is also able to be combined with information that is publicly accessible to "infer patterns of behaviour or to identify and profile individuals and groups of individuals." 

Furthermore, it said that the attack had no impact on the electoral process or the electoral registration status of any voters and that there is little risk to people in terms of their details held on the email servers of the company, except that they contain any sensitive information. 

Among the names and addresses included in the registers were those of a person residing in the United Kingdom, who will be eligible to vote between 2014 and 2022, as well as the names of those who plan to cast their ballots from outside of the United Kingdom. 

Nevertheless, they did not contain any information regarding those who qualified for anonymous registration as well as addresses for overseas electors who were registered outside of England and Wales. An attack was discovered by the Information Commissioner's Office (ICO) and the National Crime Agency within 72 hours of being discovered last October.

As a result, the ICO immediately reported the incident to both entities. Despite this, it was only recently disclosed to the public that millions of voters' data may have been if not all, accessible through the election registers over the last several years. 

There is no conclusive way that the Electoral Commission can determine what information had been accessed. The attackers are unknown to have been associated with a hostile state, such as Russia, or with a cyber gang that offers a criminal nature. 

The Electoral Commission has said that the records of most of these people would have been publicly accessible anyhow because they were on the open register, to begin with. However, a Sky News analysis reveals that about 28 million people missed out on the open registration system that year, as a result of their own decisions. 
Read more »
Subscribe to: Posts (Atom)