CrowdStrike made "a serious mistake" — US Cybersecurity and Infrastructure Security Agency director

mylesillidge

Journalist
Joined
Jul 29, 2021
Messages
1,539
Reaction score
1,430
US cybersecurity watchdog slams CrowdStrike for causing worldwide IT outage

A senior US government cybersecurity official has slammed CrowdStrike Holdings Inc. for making "a serious mistake" by pushing a defective update that crashed the systems of businesses and governments globally.

"It was a huge deal with serious impacts on critical infrastructure operations across the world," said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said in a LinkedIn post published on Saturday.

[Bloomberg]
 
what are they going to do about it, tho?
slap them on the wrist, and give them a time out in the naughty corner?

or finally realize corporate IT needs something better than a program that has rights to update itself outside the usual channels and methods.
 
what are they going to do about it, tho?
slap them on the wrist, and give them a time out in the naughty corner?

or finally realize corporate IT needs something better than a program that has rights to update itself outside the usual channels and methods.
OK then what is that thing since you seem to have an idea.
 
OK then what is that thing since you seem to have an idea.
I think accountability is required; not a fine but compensation to everyone affected (directly - indirectly would be too complicated).

A fine would only benefit the goverment.

Better quality testing and staggered releases would have prevented this - lots of lessons learned not just for Crowdstrike.
 
I think accountability is required; not a fine but compensation to everyone affected (directly - indirectly would be too complicated).

A fine would only benefit the goverment.

Better quality testing and staggered releases would have prevented this - lots of lessons learned not just for Crowdstrike.
Depending on contracts and SLAs and such the fine is the least of crowdstrikes worries at this point.

The big boy corporates will already be quantifying damages and demanding payment from crowdstrike.
 
Just imagine what would happen if a country's grid was using Windows + CS, disaster.
 
Oh look, another DEI government plant is here to tell is bad thing is bad.
Just SFTU and let the actual experts deal with it.

1721558241777.png

1721558271000.png
 
US cybersecurity watchdog slams CrowdStrike for causing worldwide IT outage

A senior US government cybersecurity official has slammed CrowdStrike Holdings Inc. for making "a serious mistake" by pushing a defective update that crashed the systems of businesses and governments globally.

"It was a huge deal with serious impacts on critical infrastructure operations across the world," said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said in a LinkedIn post published on Saturday.

[Bloomberg]
Cybersecurity officials like this cretin are thew people responsible for requiring companies to install software like Crowdstrike in the first place.
 
explanation was good, at least now I know why something like that happened, but again my point is how is this not a gigantic security hole,
one could even say ready to be exploited and taken advantage of by some nefarious actors.
 
Top
Sign up to the MyBroadband newsletter