On Friday, July 19, 2024, a CrowdStrike update impacted an estimated 8.5 million Windows machines. Root cause was identified as a faulty definition update within CrowdStrike’s endpoint protection solution. The update affected most Windows machines, including servers with CrowdStrike Falcon endpoint detection software installed. This update included a defective detection rule that incorrectly flagged a legitimate Windows system file or process as malicious. Consequently, the software either quarantined or blocked the file, leading to system failures and the infamous blue screen error (BSOD). This incident had a significant impact on various sectors globally, demonstrating the extensive reach of the problem.
For more detailed explanations, refer to these articles:
https://www.cisa.gov/news-events/alerts/2024/07/19/widespread-it-outage-due-crowdstrike-update
https://www.darkreading.com/cyberattacks-data-breaches/crowdstrike-outage
What is Long View Doing About It?
In response to the incident, Long View immediately activated our crisis management protocols. Our team swiftly reached out to all managed clients, offering prompt support to mitigate the impact and restore normal operations. We help many clients with their security posture. Please reach out to talk to us about it. Contact information at the bottom of this note.
Our Response:
- Immediate Client Outreach: Contacted all managed clients promptly to provide assistance.
- Efficient Recovery: Collaborated with clients to quickly recover systems and minimize downtime.
- Expert Assistance: Our team offered tailored solutions to address specific client needs.
Options Exist – Next Steps
A key step for all organizations is to evaluate their tooling and processes to prevent similar incidents in the future. Technology and setting options exist to mitigate and control future risk. We recommend the following steps:
- Evaluate Security Posture on your Endpoints:
- Assess Risks: Look for and assess risks and vulnerabilities.
- Explore Options: Evaluate the right EDR solution for your organization.
- Pros and Cons: Weigh the benefits and drawbacks of potentially transitioning to a new solution. - Best of Breed Solutions:
- Consider Alternatives: Look into reputable vendors that are known for robust protection and reliability.
- Evaluation Criteria: Understand the unique benefits of alternatives like advanced threat detection capabilities and integration with existing systems. - Look for Proven Reliability and Stability:
- Rigorous Testing: Choose solutions that undergo extensive testing to minimize false positives and disruptions.
- Frequent Updates: Ensure the provider offers regular updates to maintain high protection standards. - Demand a Product with Strong Community Support:
- Extensive Resources: Opt for solutions backed by a strong user community and ample support resources.
- Example: A product with strong community support provides valuable insights and support, aiding in smooth operation and issue resolution.
Conclusion
Please reach out to discuss your security roadmap with one of our trusted advisors today. Long View's rapid response helped mitigate the impact for our clients, and we are here to assist with any concerns. For more detailed guidance or to discuss your specific needs, please contact us via your Account Manager or our general email address.
Contact Us:
Email: [email protected]
Phone: 1-866-515-6900
By taking proactive steps and evaluating your current security measures, you can ensure your systems remain protected and stable in the face of potential threats.
Subscribe to our newsletter for the latest updates.