84
CrowdStrike lives up to its name
this post was submitted on 20 Jul 2024
84 points (100.0% liked)
Technology
20 readers
14 users here now
Which posts fit here?
Anything that is at least tangentially connected to the technology, social media platforms, informational technologies and tech policy.
Rules
1. English only
Title and associated content has to be in English.
2. Use original link
Post URL should be the original link to the article (even if paywalled) and archived copies left in the body. It allows avoiding duplicate posts when cross-posting.
3. Respectful communication
All communication has to be respectful of differing opinions, viewpoints, and experiences.
4. Inclusivity
Everyone is welcome here regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.
5. Ad hominem attacks
Any kind of personal attacks are expressly forbidden. If you can't argue your position without attacking a person's character, you already lost the argument.
6. Off-topic tangents
Stay on topic. Keep it relevant.
7. Instance rules may apply
If something is not covered by community rules, but are against lemmy.zip instance rules, they will be enforced.
Companion communities
!globalnews@lemmy.zip
!interestingshare@lemmy.zip
Icon attribution | Banner attribution
founded 1 year ago
MODERATORS
This number seems quite low. My organisation alone would have had something like 3000 employee devices taken down. Since it happened on a day where most people WFH, there's at least another thousand static devices in my building alone that may not have been in use at the time that will shit the bed tomorrow morning.
The same thing applies to our much larger sister companies interstate. So that's another 6,000 or so devices.
The two largest energy retailers were affected too, so that's another 5,000 devices at a conservative estimate.
Then there's all the self-service checkouts that went down across Australia. I have no idea how many there are, but if every Coles and Woolworths has ten of them, that's another ~40,000 devices.
That's just the organisations that I am personally aware of as being affected in Australia and can get ballpark figures for.
Obviously Microsoft are getting their figures from the auto-reportimg that happened on each crash, but it really does seem like it's too low.
It's beyond time to diversify our IT infrastructure. Enough with sticking everything "in the cloud" and paying for software (and devices!!) we don't own.
So, those numbers all account for about 54,000 of the 8.5 million devices. Using fairly generous rounding, that still leaves approximately 8.5 million more devices.
A million is a lot.
Way to miss the point. That's 54,000 that one person knows of across a small handful of organisations in one small country. I'm not even including the dozens more organisations I know were affected but can't come up with a ballpark figure for.
Yknow I almost majored in IT/anything in that realm. Real glad I didn't right now. And most other times, but especially right now.
How many systems in the world’s military went down, you know in war machines of Russia and Israel and Ukraine?
Those computers don't have auto update enabled
Absolutely that. For networks that matter, patches are usually tested independently. While I wouldn't trust the average military command to do patch testing, any civilian/corporate contractors absolutely would, because money. (Microsoft is likely at the top of that stack...)
There are other conditions as well. EDR infrastructure, if it exists, would need to be isolated on a "Government cloud" which is a different beast completely. Plus, there are different levels of networks, some being air-gapped.
Normally I would agree however this doesn’t appear to be a Microsoft update but a CrowdStrike update. Given that everyone is worried about ransomware etc.