Cybersecurity firm CrowdStrike has announced plans to implement enhanced checks and staggered updates to prevent a recurrence of the global IT outage that affected millions of computers last week.
The Texas-based company outlined initial findings from its investigation into the incident and detailed steps to mitigate future risks.
On Wednesday, CrowdStrike revealed that it would improve its internal testing processes to prevent disruptions similar to the recent widespread issues that impacted various sectors, including airlines and retailers, due to a faulty software update.
Microsoft estimated that approximately 8.5 million Windows devices, representing less than 1% of all Windows machines, were affected by the problematic update. The incident grounded planes, disrupted hospital appointments, and interrupted broadcasters worldwide.
To address these issues, CrowdStrike plans to implement a “staggered deployment strategy” for software updates. This approach will ensure updates are rolled out gradually, reducing the risk of large-scale disruptions should an error occur.
In response to the crisis, CrowdStrike’s CEO, George Kurtz, was summoned by the US Subcommittee on Cybersecurity and Infrastructure Protection. Lawmakers have described the incident as “potentially the largest IT outage in history,” seeking explanations for the company’s role in the disruption. CrowdStrike confirmed it is actively cooperating with relevant congressional committees.
Last week, CrowdStrike attributed the outage to an update of its Falcon software, which caused a “blue screen of death” error on millions of devices. A preliminary review revealed that the error was undetected due to a flaw in the “content validator,” which failed to identify problematic content in the update.
The faulty update, which began rolling out on Friday, affected millions of machines within approximately 90 minutes before CrowdStrike identified the issue and halted further distribution.
The incident has underscored the risks associated with the interconnected nature of global IT systems and the potential for a single error to cause extensive disruption. In the aftermath, CrowdStrike warned that cybercriminals were attempting to exploit the chaos by distributing malicious files targeting its customers.
To combat these threats, CrowdStrike published a list of internet domains impersonating its brand, which could be used by cybercriminals to serve malicious content to unsuspecting users.
By enhancing its testing processes and adopting a phased approach to updates, CrowdStrike aims to strengthen its defences against future disruptions and maintain the integrity of its cybersecurity services.
Support InfoStride News' Credible Journalism: Only credible journalism can guarantee a fair, accountable and transparent society, including democracy and government. It involves a lot of efforts and money. We need your support. Click here to Donate