
Why the CrowdStrike outage is so unprecedented


The CrowdStrike (CRWD) outage greatly impacted everything from airlines to healthcare to hospitality and more. San Jose State Professor Ahmed Banafa explains that the outage affected many more people than a typical IT failure impacting just one company. He notes that the fix is taking so long because it requires manually deleting the file that created the chaos from thousands of computers, a process that could take weeks.

With systems compromised, hackers can take advantage of this situation by creating phishing emails along with fake research and websites to gain access to affected parties. When asked how individuals could keep their computers safe, Banafa emphasized thinking before clicking and only using help directly from Microsoft and CrowdStrike.

In addition, Banafa notes that no one questions a software update, and as a result, 8.5 million devices suffered this outage. He thinks that the incident may prompt Microsoft to reconsider its relationship with CrowdStrike due to the negative publicity.

00:00 Speaker A

And it's not just airlines that were hit hard by the CrowdStrike outage, sectors from healthcare to hospitality are feeling the effects. The other question, will bad actors now try to capitalize on this outage? For more on the cybersecurity landscape, we're bringing in Ahmed Banafa, professor at San Jose State University. Ahmed, it's good to see you. You know, I thought it'd be interesting, Ahmed, just to frame the CrowdStrike event because I've heard it described as the most spectacular IT failure ever. Do you agree with that, Ahmed?

01:03 Ahmed Banafa

Absolutely, because this is going down to the impact on people. I mean, before you have some kind of, uh, breaches or some kind of an IT outage, which is will be specific for a company, specific for a certain sector. Now you're talking across the sectors and people feel this one, especially during one of the busiest weeks of travel, you know, in the summer. So, that label is really worth it.

02:00 Speaker A

Ahmed, how long do you think it is before we are fully recovered? All systems back up and running. Is this hours, is it days, longer?

02:15 Ahmed Banafa

That's a good question, uh, Josh. Here's the real story here. There are two categories of the companies or the computers that impacted by this kind, by this outage. One of them that can be fixed by rebooting very quickly, remotely. The other one, which is the one that we're still dealing with as, you know, as consumers is, uh, the one that has to be done manually. You have to have a USB drive, go to that computer, the endpoint, that's the name of it, you know, from, you know, from a technical point of view. And then go and delete that file. That's the file that created all this. Now you're talking about thousands of computers has to be done manually. So, it's not days, it could be weeks.

03:26 Speaker A

And, Ahmed, do you expect, um, bad actors, criminals to try to take advantage of this event in some way?

03:43 Ahmed Banafa

They, they already started. I mean, and they always on this standby, uh, you know, chaos or state where if there is any kind of chaos anywhere in the world that created by online services, they will do many things. For example, fake website that will tell people, okay, just, you know, enter your information here or download this program that's going to fix the problem. Uh, impersonation. Somebody will start calling those companies and say, I am from CrowdStrike or from Microsoft and I would like to get access to your system so I can fix it. Uh, the other thing is that sending some kind of script, which is the programs to fix that, the problem, and phishing emails, um, sent by millions and somebody will click on it and then we're going to have a ransom problem instead of dealing with this.

05:00 Speaker A

So, I mean, all that sounds pretty spooky. If you're a viewer and you're listening to this, what steps should you take to try and protect yourself from those threats?

05:16 Ahmed Banafa

Well, number one is there's an important principle in cybersecurity, which is think before you click. And always check the source. For example, if I receive an email or a phone call, or, you know, I look at the website, and I have this feeling that this is, this website is there's a problem because the link looks, uh, you know, shady in a sense, then don't even go close there. Go to the website of the company, CrowdStrike or Microsoft, and look for the help from them. Don't try to get it, you know, straight from somebody else. And this is what they've been talking about the whole morning.

06:23 Speaker A

Would you expect, Ahmed, after all is said and done here from Microsoft, to re-evaluate the relationship it has with CrowdStrike?

06:43 Ahmed Banafa

I think this is will be a possibility. I don't think that the Microsoft is happy with the PR that generated and the loss in the stock market that they hit, you know, by this kind of action, because Josh, the one of the things about why this one is really went through the cracks and nobody noticed it is, you never question updates. When you have an update, you know, for Windows or update for whatever software, you know, it's coming from the company, so it's safe. So, what happened is that went through all those 8.5 million devices, and they are really in a very essential point of our economy. I'm not going to be surprised of Microsoft, you know, is looking at it very carefully and trying to see if this is a, this relationship can continue, finding plan B for them, because it's not good for Microsoft at all.

For more expert insight and the latest market action, click here to watch this full episode of Asking For A Trend.

This post was written by John Lesinski