31 Jul 2024
CrowdStrike Incident: Preparedness and Call to Action
The CrowdStrike incident on 19 July 2024 has been classified as the biggest IT outage in history. The cyber security company’s out-of-date configuration led to the "blue screen of death" (BSoD) for Microsoft Windows systems worldwide, causing widespread disruptions to sectors including banking, air travel and healthcare. Across the globe, the effects of this outage are still being dealt with. This was not a cyber security incident, but rather a disruption in IT infrastructure.
BIRGER. recommends taking the following measures:
Technology: To do regular updates
Updates similar to the one released by CrowdStrike are common for several reasons, ranging from addressing vulnerabilities to system updates. Rigorous testing, sandboxing, and quality assurance are of the utmost importance in any workflow that deals with software releases. Having robust processes and procedures in place that cover human interaction and automation can significantly reduce the occurrence of such incidents.
Security: To apply best practices
Cybercriminals exploit such uncertain situations, leading to increased cyber security threats.
For example:
- A malicious ZIP archive called Crowdstrike-hotfix.zip emerged on the day of the outage. When executed, it loads remote access and control malware.
- Phishing has increased significantly since this incident occurred, with spam emails impersonating CrowdStrike in circulation.
In this context, it is important to apply best practices to safeguard against these threats. These include:
- Raising awareness about cyber security to protect users.
- Protecting your infrastructure.
- Securing all remote access.
- Implementing stringent access policies.
- Preventing data loss.
- Continuously monitoring IT infrastructure.
- Adhering to data protection principles.
Click here for our article “Stay Safe” published during the last Cyber Security Awareness Month.
Resiliency: To develop well-structured Resiliency Plans
Well-structured Resiliency plans should be developed for faster and more effective recovery. During the Business Continuity Awareness Week in May 2024, BIRGER. released a series of articles and webinars that provide valuable insights applicable to such an outage.
Two articles, in particular, stand out:
1. Proactive Preparedness: Anticipating Disruptions to Ensure Business Continuity
This article emphasises the importance of anticipating potential disruptive events and implementing strategic plans to mitigate their impact. Key recommendations include conducting comprehensive risk assessments, developing a tailored contingency plan for each identified risk, and continuously monitoring, evaluating, and adapting to evolving threats. Click here for the detailed article.
2. Learning from the Past to Prepare for the Future: A Crucial Component of Resiliency and Business Continuity
This article underscores the value of learning from past experiences to prepare for future challenges. It recommends establishing a robust incident review process, documenting lessons learned, and conducting scenario planning exercises using historical data and insights. Click here for the detailed article.
In conclusion, while IT outages are disruptive, they also present an opportunity to reassess Technology, Security and Resiliency plans, to learn from experience, and to strengthen preparedness for any disruptive event. By doing so, business continuity can be ensured, people and assets protected, and reputation maintained in case of such a disruptive event.
For more information on these topics, please contact us by mail at B_contacted@birger.technology or call our Cyber Defense Centre on [230] 6016819.
Regards,
BIRGER.