AFP
Experts in cybersecurity have pointed out that the recent system crash caused by CrowdStrike’s cybersecurity software update was likely due to inadequate quality checks before deployment. The lack of thorough testing led to a global disruption affecting computer systems worldwide.
According to Reuters, the update to CrowdStrike’s Falcon Sensor software aimed to enhance security by updating the list of threats it defends against. Unfortunately, the faulty code in the update triggered a major tech outage, affecting many companies relying on Microsoft’s Windows OS.
Steve Cobb, chief security officer at Security Scorecard, mentioned that the issue may have been caused by a lapse in the vetting process of the code. This oversight resulted in widespread system crashes and operational problems for various organizations.
The impact on Microsoft systems led to flight delays, cancellations, and disruptions in hospitals, banks, supermarkets, and countless businesses.
Global flight cancellations reached close to 7,000 on Friday, accounting for 6.2% of all scheduled flights, as reported by Aviation analytics firm Cirium.
Security researcher Patrick Wardle identified the problematic code responsible for the outage, which was related to configuration details or malware signatures. He explained that security products regularly update their signatures to detect new threats, but the rushed nature of this update may have led to insufficient testing.
Similar incidents have occurred in the past with other security companies, such as McAfee’s antivirus update in 2010 that caused widespread computer issues.
Microsoft
Source