Two cybersecurity experts have delved into the technical aspects of the global failures that occurred on July 19 at Microsoft due to a CrowdStrike update.
Windows devices suffered failures due to the cybersecurity tool CrowdStrike (used by the operating system), causing airports, banks and other entities to be affected last Friday, July 19. In Guatemala, however, the consequences were not of great magnitude, according to the banking system.
Sisap’s commercial director of application systems, Daniel Gálvez, explained that all systems with the Falcon sensor for end-user or server protection are experiencing the “blue screen” problem.
Gálvez says that this is not a cyber attack, but rather that updating software and hardware is a routine practice in technology organizations.
“This time it is a routine update from the manufacturer CrowdStrike that involved a widespread failure in the Windows operating system. It is very important to highlight that CrowdStrike, as a global and responsible company, did so within minutes after the failure occurred. The only drawback with this procedure is that it is a manual process,” said the expert.
The expert said that in the following hours, what are known in technology as workarounds, or alternative procedures to solve the problem in a more diligent way, were announced.
Gálvez encourages everyone to remain calm in the face of the failures that continue to occur. He also encourages people to follow CrowdStrike’s instructions on the official site to find out how to resolve the situation and, finally, to contact trusted technological allies so that the recovery of the affected infrastructure is possible.
“Perfect storm”
For his part, Tony Anscombe, head of computer security at Eset, says the failures may have occurred in an inopportune context, through bad luck, in a “perfect storm” of updates or configurations that created the incident.
Anscombe explains that the procedure in this type of situation is for the cybersecurity team to take the update and test it in their own environment where they ensure that there are no incompatibilities. From there, a gradual scheduled deployment is carried out to reduce the risk of any problems.
The global outage “doesn’t mean supplier incompetence, it’s probably just a bad luck scenario,” he said.
“First, all cybersecurity vendors are likely to review their update processes to ensure there are no gaps and see how they can strengthen them,” he recommends.
Anscombe adds that this underscores the importance of systems in companies that achieve a significant position in the market and points out that if cybercriminals did not create cyber threats, there would be no need for real-time protection.