[Industry] BSODs impacting banks, airlines, TV broadcasters, supermarkets, and many more businesses worldwide

[Hallvor]

Not Microsoft's fault.

Thousands of Windows machines are experiencing a Blue Screen of Death (BSOD) issue at boot today, impacting banks, airlines, TV broadcasters, supermarkets, and many more businesses worldwide. A faulty update from cybersecurity provider CrowdStrike is knocking affected PCs and servers offline, forcing them into a recovery boot loop so machines can’t start properly.

https://www.theverge.com/2024/7/19/2420 ... tage-issue

[fabien]

It's an ecosystem problem. That's why diversity in operating systems is important, as well as diversity within each operating system. Diversity equals resilience.

[Augie77]

Hmmm....might be a MS fault as well. Perhaps CrowdStrike fixed an undisclosed issue by MS. Win 10 users will never know, as their OS would be silently patched to fix the MS side of it.

My Debian Bookworm is working just fine.

[NFT5]

The whole concept of entrusting the security of my information to the safekeeping of someone else, to whom I matter not a whit, has always given me the shivers. Of course, if all your systems are down then their security can't be improved upon, can it?

[sunrat]

suspect.jpg (40.84 KiB) Viewed 3090 times

[wizard10000]

If Crowdstrike had followed best practices when testing their upgrade this wouldn't have happened.

I figure this will most likely put Crowdstrike out of business and I don't think that's a bad thing. Company with a security focus releases an untested upgrade that blows up thousands of computers? They deserve to go out of business.

[fabien]

an untested upgrade that blows up thousands of computers

millions

Using Windows just to display schedules in airports

[CwF]

suspect.jpg

That was a good show, as I remember she did break it! And the IT message on reel to reel!

Using Windows just to display schedules in airports

I'd use tickle!

[wizard10000]

millions

Yeah, I was being generous

[NFT5]

And now we start to count the cost of this "minor" glitch.

https://www.abc.net.au/news/2024-07-22/ ... /104127486

To be honest, in my opinion AUD$1billion is probably nowhere the the real cost. I was in a major shopping centre on Friday night (busy time usually) and perhaps 1 in 20 shops were open. Strangely, the big chain supermarkets were still operating, albeit with greatly reduced customer numbers, but what got me was how many of the small shops had to shut their doors. I even saw a barber sitting in his shop with his head in his hands - he could cut hair but only if you paid cash.....and who does that these days? It's the small businesses who have surrendered their livelihoods to companies like Crowdstrike, out of fear of being involved in some kind of malicious incident. Yet these small businesses, the ones least able to be able to cope with the loss of income from even a day or two of not trading, are the ones most severely impacted when the organisation that is supposed to protect them, doesn't.

No doubt Crowdstrike have a clause in their Terms that says something like "if we stuff up you can't hold us responsible" but clauses like that have been ruled out with newer legislation that actually holds supplying companies responsible. Witness the two major telcos, Telstra and Optus, being fined and taken to task for outages that impacted millions. And it's the government who are taking these companies to court, not individual customers, or even class actions (yet). The fines are not really huge, but the message is clear that they could be, in the future.

To add insult to injury the inevitable bad actors out there have already sprung phishing campaigns and more to ensure that they get a share as well. Crowdstrike customers, already identified as being unable to handle their own security are the obvious targets and, unfortunately, some will get caught.

The billion dollar cost estimate, just for Australia, is, no doubt, little more than a drop in the bucket of the worldwide cost. Crowdstrike may escape in many jurisdictions but there are more than just a few who have legislation not dissimilar to ours and Crowdstrike's exposure is significant. Will they survive? We'll see, but I think the message is clear.

[RedGreen925]

The billion dollar cost estimate, just for Australia, is, no doubt, little more than a drop in the bucket of the worldwide cost. Crowdstrike may escape in many jurisdictions but there are more than just a few who have legislation not dissimilar to ours and Crowdstrike's exposure is significant. Will they survive? We'll see, but I think the message is clear.

Certainly is never trust the parasite corporations, they are in it for theirs not your interest, apparently they are equal opportunity morons having already FUBAR'd many Linux systems before this event with sysadmins stupid enough to trust their garbage software and methods of deploying it.

https://www.neowin.net/news/crowdstrike ... e-noticed/

[Hallvor]

Microsoft blames the EU, while seemingly forgetting why the EU got involved in the first place: https://www.euronews.com/next/2024/07/2 ... -it-outage

[sickpig]

Received couple of hours ago

The gall -

https://i.imgur.com/WracY5B.jpeg

[RedGreen925]

Microsoft blames the EU, while seemingly forgetting why the EU got involved in the first place: https://www.euronews.com/next/2024/07/2 ... -it-outage

Of course they do they are such a kind loving company who are always so hard done by, as are so many these days it seems they are everywhere whining on about the same and how their actions are always some one else's fault. They were forced to do it by the big bad meanies. Could not have a thing to do with the idea that the garbage exploit ridden virus/trojan delivery system that masquerades as an OS they provide has for close to forty years now been steaming pile of dung, and they have not one single clue how to do security properly never have.