Crowdstrike

[Guided Missile]

WTF?

• Global internet outage.
• Sky News Down
• 911 Emergency Phones Out in the US

All down to an anti virus program, Crowdstrike, taking Microsoft down. Anyone else affected?

(I think it may be the end of the world as we know it)

[egg]

Is this what took the banking chaps system down yesterday? Carnage yesterday from that, now this. Good luck to anyone hoping to complete a property purchase today. 

[Guided Missile]

Funniest mission statement ever:

Quote

CrowdStrike has redefined security with the world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise. CrowdStrike secures the most critical areas of risk – endpoints and cloud workloads, identity, and data – to keep customers ahead of today’s adversaries and stop breaches. Powered by the CrowdStrike Security Cloud, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence on evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities – all through a single, lightweight agent. With CrowdStrike, customers benefit from superior protection, better performance, reduced complexity and immediate time-to-value.

[Guided Missile]

I have never liked Microsoft 365. I like my apps on my local computer.

[bpsaint]

This today, a few banks have had down time lately as well as problems at airports too, it’s blatantly cyber attacks but they wont report that!!

[badgerx16]

Looks like a system update to Crowdstrike was applied on Thursday, and issues with Microsoft cloud services immediately started cascading.

Edited July 19 by badgerx16
bloody autocorrect

[Turkish]

Crowdstrike are one of the biggest competitors to the company i work for 

[Turkish]

Microsoft have a lot to answer for as well. They are selling their "security" product as part of larger software agreements a lot of them into big public sector and finance so people think they're protected but they have only got the very minimum level of protection. They've got people sucked in this way then once they've got their foot in the door upsell them to their higher level licences which is crazy expensive. Still shit though. Here's what the US senate said about them anyway, yet people still fall for their bullshit.

 

It'll be interesting to see how Crowdstrike address this as their mantra is "we stop breaches" We had a very large global customer leave us recently to go to them, i hope they're not too badly effected. 

Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hack (nbcnews.com)

Edited July 19 by Turkish

[spyinthesky]

Back to pen and ink methinks.

More people employed, more money spent on coffee and croissants in city centres, less electricity consumed, the end of Microsoft and Apple, biro sales increase, people taking to one another.

What's not to like!!

[trousers]

Getting a post in before Saintsweb goes tits up... It's been nice knowing you all 

Edited July 19 by trousers

[badgerx16]

13 minutes ago, Turkish said:

Microsoft have a lot to answer for as well. They are selling their "security" product as part of larger software agreements a lot of them into big public sector and finance so people think they're protected but they have only got the very minimum level of protection. They've got people sucked in this way then once they've got their foot in the door upsell them to their higher level licences which is crazy expensive. Still shit though. Here's what the US senate said about them anyway, yet people still fall for their bullshit.

 

It'll be interesting to see how Crowdstrike address this as their mantra is "we stop breaches" We had a very large global customer leave us recently to go to them, i hope they're not too badly effected. 

Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hack (nbcnews.com)

I have always thought the term 'Microsoft Security' to be a contradiction in terms.

Edited July 19 by badgerx16

[Guided Missile]

12 minutes ago, Turkish said:

It'll be interesting to see how Crowdstrike address this as their mantra is "we stop breaches" We had a very large global customer leave us recently to go to them, i hope they're not too badly effected. 

Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hack (nbcnews.com)

Crowdstrike will go the same way as Joe Biden. They're deader than disco.

[whelk]

10 minutes ago, Guided Missile said:

Crowdstrike will go the same way as Joe Biden. They're deader than disco.

Tech forecast from an old boy who wants his apps on his ‘local computer’. I’ll pass thanks 

[EssEffCee]

Apparently affecting contactless payments too.

Could something similar affect digital ticketing or is the tech different?

[badgerx16]

11 minutes ago, EssEffCee said:

Apparently affecting contactless payments too.

Could something similar affect digital ticketing or is the tech different?

It will affect any service that is built on Micro$oft's cloud platform, and probably any others that utilise Crowdstrike.

Edited July 19 by badgerx16

[Turkish]

it's effecting the NHS 

NHS hit by global IT outage as GPs unable to see most patients and are 'dead in the water' - Mirror Online

They are another victim of Microsoft ELA tactics. 

[skintsaint]

Pretty sure this is how Skynet got going...

[Turkish]

I've just been told from a pretty good source in the industry it all has to be fixed manually. going to be some very busy and stressed IT people this weekend. 24,000 customers globally most of them enterprise size, the amount of users effected is going to be huge

Edited July 19 by Turkish

[buctootim]

2 hours ago, bpsaint said:

 it’s blatantly cyber attacks but they wont report that!!

That's what I'm thinking, probably a state actor, presumably Russia or China, but deafening silence.    

[buctootim]

Crowdstrike turned out to be a pretty apt name. 

[whelk]

14 minutes ago, buctootim said:

That's what I'm thinking, probably a state actor, presumably Russia or China, but deafening silence.    

It isn't

[ecuk268]

2 hours ago, spyinthesky said:

Back to pen and ink methinks.

More people employed, more money spent on coffee and croissants in city centres, less electricity consumed, the end of Microsoft and Apple, biro sales increase, people taking to one another.

What's not to like!!

Back to the days of bank robbers in Mk2 Jags.

[sadoldgit]

3 hours ago, bpsaint said:

This today, a few banks have had down time lately as well as problems at airports too, it’s blatantly cyber attacks but they wont report that!!

Not sure that is the case here, but it is certainly a huge wake up call and gives a taste of the effects of a full blown cyber attack on the country.

[The Kraken]

1 hour ago, Turkish said:

I've just been told from a pretty good source in the industry it all has to be fixed manually. going to be some very busy and stressed IT people this weekend. 24,000 customers globally most of them enterprise size, the amount of users effected is going to be huge

Can't they just turn it off and turn it back on again?

[Tamesaint]

1 minute ago, The Kraken said:

Can't they just turn it off and turn it back on again?

Giving it a good hard slap also helps. 

[Weston Super Saint]

3 minutes ago, The Kraken said:

Can't they just turn it off and turn it back on again?

There'll be one frustrated IT geek on the other end of the phone if they haven't already tried that.  Will definitely suggest they do it again though, even if they have.

[The Kraken]

2 minutes ago, Weston Super Saint said:

There'll be one frustrated IT geek on the other end of the phone if they haven't already tried that.  Will definitely suggest they do it again though, even if they have.

Maybe turn it off, unplug it from the wall, leave it off for 30 seconds then plug in try again.  Bet it works then.

[Holmes_and_Watson]

18 minutes ago, Tamesaint said:

Giving it a good hard slap also helps. 

When in doubt, give it a clout.

[Whitey Grandad]

1 hour ago, Tamesaint said:

Giving it a good hard slap also helps. 

It’s called “percussive maintenance”

[Raging Bull]

Smug as anything here because I’m 1 of the beautiful people who uses apple and I have cash for my wine later. 

[Lord Duckhunter]

Had Soggy blamed the far right yet? 

[Turkish]

5 minutes ago, Lord Duckhunter said:

Had Soggy blamed the far right yet? 

Well one of Crowdstrikes products is called Falcon and the Nazis used a bird of prey in their logos so maybe it is.....

 

Edited July 19 by Turkish

[badgerx16]

3 hours ago, The Kraken said:

Can't they just turn it off and turn it back on again?

This is Micro$oft's advice, but you may have to do it 15 times !

 

Also, this is almost certainly NOT a cyber attack, nor is it likely to be down to Russia or China. It is most likely a poorly scripted / tested update that has caused a conflict with the Windows OS.

It has happened before, but not on this scale.

[badgerx16]

1 hour ago, Whitey Grandad said:

It’s called “percussive maintenance”

Often carried out with a long handled 12 ounce adjuster.

Edited July 19 by badgerx16

[badgerx16]

3 hours ago, Weston Super Saint said:

There'll be one frustrated IT geek on the other end of the phone if they haven't already tried that.  Will definitely suggest they do it again though, even if they have.

I once got an irate call from my boss, the corporate IT Director, as his computer would not start. When I checked it, the 13 amp outlet into which his monitor was plugged was switched off.

[badgerx16]

4 hours ago, Turkish said:

I've just been told from a pretty good source in the industry it all has to be fixed manually. going to be some very busy and stressed IT people this weekend. 24,000 customers globally most of them enterprise size, the amount of users effected is going to be huge

Imagine if their backups are stored on Windows cloud servers.

[badgerx16]

Reports are that the Crowdstrike update causes servers to go into an infinite boot loop.

[AlexLaw76]

For those who are interested in a dull workaround:

Boot Windows into Safe Mode or WRE.

2. Go to C:\Windows\System32\drivers\CrowdStrike

3. Locate and delete file matching "C-00000291*.sys"

4. Boot normally.

[Holmes_and_Watson]

5 minutes ago, AlexLaw76 said:

For those who are interested in a dull workaround:

Boot Windows into Safe Mode or WRE.

2. Go to C:\Windows\System32\drivers\CrowdStrike

3. Locate and delete file matching "C-00000291*.sys"

4. Boot normally.

I can imagine the viewers of the TV film version of this, DatApocalypse, being slightly let down by this as the finale. 🙂

Edited July 19 by Holmes_and_Watson