S.D.I. English Newsletter: Support, marketing and customer protection ....
Alessandro Piatti
Digital Orchestra Director | Group CIO | Driving Digital Transformation & Improving Manufacturing Processes | Business Advisor
So, nobody is perfect, not even CrowdStrike!
We have all seen what happened, how weak the protection chains and systems of companies are. That Falcon that was supposed to protect against attacks has become the attacker.
What happened ...
Let's start at the beginning: a bug, IT slang for a programming error, was distributed to all endpoints (PCs and servers) that receive automatic updates to CrowdStrike's Falcon. Systems were widely affected, causing infernal chaos at airports, hospitals, stations, etc.; these are users of Microsoft's cloud platforms, which are now widespread due to the increasing use of the cloud.
First of all, the problem was not Microsoft's, but that of one of the systems widely used as a cyber security platform, namely CrowdStrike's Falcon Sensor. Cloud systems, being always online, were immediately affected by the bug, generating chaos.
That chaos then spread in a chain, a little less quickly, to other companies, as hosts and update distribution systems around the world distributed the bug and companies unknowingly installed it.
Like a flu, or better yet, like a virus.
Testing
How was the bug distributed? We are human; the possibility of error exists and always will. Like every company on earth, CrowdStrike adopts testing policies for its software that should protect against all eventualities. This time something went wrong.
It is what every company that develops software should do: testing procedures that follow test cases, first on a small sample, then a larger one, and then to everyone. Every good PM on earth knows how this is managed.
So how did this happen? An incorrect or insufficiently restrictive test case, carelessness, a procedure not followed, an oversight; it could be anything. The essence of the matter is that we are now constantly connected, and so immediately exposed to updates (don't tell me you don't do them constantly on mobile phones to always have the latest release!).
Remedies
How can this be remedied in a timely manner? The remedial update was deployed very quickly by CrowdStrike and applied promptly by cloud-based systems, and less quickly in companies where IT departments are less well staffed and sometimes limited in skills. Many companies are still struggling with the BSOD (Blue Screen Of Death); it will take time for everyone to remediate and get back to full operation. Weeks probably, hopefully not months.
CrowdStrike's approach
Certainly the company will suffer a loss of image, but every cloud has a silver lining. Personally, I appreciated the direct contact from CrowdStrike's CEO, George Kurtz, who reached out to customers, offering an apology and stating that all their efforts will be directed at helping consumers.
Marketing move? Not only that; it was an intelligent move. Kurtz made it known that every customer 'matters', that every one of them is important to his company. Pointing out that the customer matters makes all the difference; technical support is what everyone is looking for in a world now dependent on technology. The level of support makes all the difference, at CrowdStrike as in every other company on this earth that provides software solutions. Every company should equip itself with maintenance and support contracts, adequate internal or external teams, reliable suppliers and effective partners. Unfortunately this is often seen as just a cost, when instead it is an added value!
So what should I do? Do I upgrade my company's IT department to be ready for the next global IT disaster? NO, all you have to do is turn to specialised companies, ready to help the customer and remedy when needed, providing knowledgeable IT teams, adding resources where needed and providing the necessary technical know-how. The customer 'matters', whether it is CrowdStrike or any other consulting or technology partnership company.
Don't know any? The channels are multiple, starting with the social network on which we are reading this. It's money well spent: it may not happen, but when it does... it's very well spent.
Avoid another disaster: Free software? Detach from the cloud, switch to Linux/macOS?
Those who don't use the cloud would have been hit a little later, but would have been hit anyway; maybe they would have had time to deactivate automatic updates, or maybe not. The cloud offers the advantage of having specialists behind it: Microsoft was the first to remedy it in Azure, and to distribute the remedy to their customers.
That's what the cloud is all about, not just turning off the hardware in the company, but securing the service, the support, the specialised technicians. In short, what makes the difference.
Switch to free software?
This solution came to light immediately after the problem: a million technicians solve a problem sooner than a thousand technicians. Definitely, but not everyone is on the side of the good guys; free software does mean more developers, but it also exposes its flank to any cybercrime teams that might use the source code to their advantage.
I switch everything to Linux and/or macOS
The CrowdStrike problem has only affected Microsoft systems, that's true; the first update distributed is usually for the most popular system, which is therefore the one most subject to cyber attack. Again no exception: the first operating system to be updated was Microsoft's, which led the way.
CrowdStrike is also used, albeit to a lesser extent, on Linux and macOS; if the problem we know of had not arisen, a few hours later Linux and macOS systems would probably have been infected too.
Vincent Flibustier
The sacrificial victim! The real criminal! On his first day at work, a CrowdStrike intern distributed a small patch (a software update, in tech slang) and then took a day off.
I have to say that when I received a WhatsApp from a friend, a well-known geek from a tech company in the Turin hinterland, I immediately thought it was a joke.
But it's not: Vincent Flibustier exists, or rather it is the pseudonym of a Belgian journalist who ran a social experiment to make us understand how little it takes to end up in the blender of fake news.
A very successful experiment: in just a few hours his profile jumped to number 1 on several social networks.
What it teaches us
Being connected is good, with all the pros and cons that come with it; we are constantly updated, but this also exposes us to risks.
Today CrowdStrike, tomorrow who knows; the important thing is to equip ourselves with the means of remediation, a second-level team that can help us in times of need.
Support our company when we need it. These are not costs, these are guarantees.
Great advice!
The root cause of CrowdStrike disaster: Microsoft driver certification bypass. Here explained in Spanish. Technical details in English: https://lnkd.in/dqXzUKex