Big tech has bungled it once again. As you know by now, major IT outages took place this past Friday across industries such as airlines, logistics, communications, and retail.
Who’s behind the crash? CrowdStrike, a security company valued at 83B dollars with corporate customers all over the world. Friday morning, the CrowdStrike team released a faulty update to the systems of their 29,000 customers. Because CrowdStrike is given root access on customer machines, it has the ability to automatically update itself and change system files.
As CrowdStrike explains, a bad file in its update for Windows hosts caused a blue screen of death.
The fix is actually simple: remove the faulty file from the system directory. However, if the computer was encrypted (using Microsoft’s BitLocker), then the computer’s unique recovery key must be retrieved by IT and used to unlock the computer in a recovery environment. Now imagine doing this for 10,000 computers in an organization.
No wonder IT teams and organizations were reeling for days trying to fix issues.
Dozens of airports were affected in the United States, Hong Kong, Berlin, Amsterdam, and Manchester. FlightAware’s misery map estimates over 1534 delays and 400 cancellations in the US alone.
Many companies were impacted directly by the CrowdStrike outage and were shut out of their machines. But the outage also caused ripples that affected hospitals. For instance, CrowdStrike caused a major Azure (Microsoft Cloud) data center to go down, which caused Epic (an electronic medical record system) to go down, which caused hospitals like Penn Medicine, UVA Health, and University of Miami to start using pen and paper.
This event made clear that companies like CrowdStrike and Microsoft play far too big a part in today’s tech infrastructure and can accidentally cause an outage that’s orders of magnitude worse than a cyberattack.
Would Linux have saved these companies?
Yes and no. Yes, because the issue at hand only impacted Windows hosts. And no, because the IT departments at these major companies all made the same choice: to give a third party full control of their computers. It could have been a bad update, a vulnerability, or even a CrowdStrike outage; any of them would have taken the systems down.
In fact, CrowdStrike took down Linux servers (Debian) in a computer lab, causing them to crash and refuse to reboot. CrowdStrike took weeks to figure out a root cause, which was them neglecting to test that version of Debian Linux.
That’s one example, but how does an $83B company neglect to test in a Windows environment? There was an incredible lack of care in this rollout.
Companies Are To Blame
Any company that gives a third party full access to their servers is asking for something like this to happen. Leaders of these cybersecurity organizations would be wise to divest themselves from cloud solutions that can brick their entire organization overnight and look at building expertise within the company, or using decentralized open-source software to protect themselves.
CrowdStrike’s Political Responsibilities
When you look into the history of CrowdStrike, a few interesting patterns emerge. This was the same company that the Democratic National Committee hired to investigate the DNC email hacks, which led to those emails being leaked by WikiLeaks. The President of CrowdStrike, Shawn Henry, was personally involved in the investigation, and his conclusion was that Russia was behind the attacks, which was parroted by other cybersecurity firms and U.S. intelligence agencies.
It was revealed several years later in a testimony that CrowdStrike never had any proof that the emails were moved off the server, or that the threat actor was Russia. In testimony to Congress, Henry said:
"There’s not evidence that they were actually exfiltrated. There's circumstantial evidence but no evidence that they were actually exfiltrated."
The FBI accepted copies of the server images from CrowdStrike and did not conduct their own analysis; then-Director James Comey said that this was an “appropriate substitute”.
Read more on that story on RealClearInvestigations.
CrowdStrike also led the investigation on the SolarWinds hack, which was also blamed on Russian intelligence, without providing any evidence.
Seeing a pattern here? Companies like CrowdStrike are able to perform the first analysis of a cyberattack and provide a conclusion on the source without evidence. Their conclusions always seem to fall in line with U.S. intelligence, and of course get picked up by media and portrayed as fact.
But Russia may just be the boogeyman in the public’s eye. Cybersecurity leaders from over 29 countries gathered for Cyber Polygon 2020, organized by Russian bank Sberbank, whose majority owner is the Russian government. Blaming Russia could just be a public exercise for Western media; you can read more about the connections between Eastern and Western cybersecurity circles in this Unlimited Hangout article.
The infamous words of Klaus Schwab’s opening address:
We all know, but still pay insufficient attention to, the frightening scenario of a comprehensive cyberattack which would bring to a complete halt the power supply, transportation, hospital services, our society as a whole. The COVID-19 crisis would be seen in this respect as a small disturbance in comparison to a major cyberattack.
Thanks to a monolithic cybersecurity infrastructure, we can see that ‘friendly’ security firms can be responsible for major outages and the real origin of cyberattacks can be obfuscated.
The Bright Side
Thank you CrowdStrike! Now the world knows your name and is more aware of the lack of standards in big tech infrastructure. Whether this was an accident, planned, or the result of total negligence - the solution is clear. Be responsible for your own security!
Minimizing Third Parties
When it comes to technology, the fewer people you have to trust, the better. At Above, we decided to minimize our reliance on third parties and run everything in house, including our security. Sure, it’s a lot of work, but it’s worth it. We encourage you to adopt this same philosophy in your own use of technology.
You will find links between CrowdStrike and WEF.