Tim Schughart @ WirtschaftsWoche: His assessment of the CrowdStrike glitch

Could the Crowdstrike glitch that took down 8,5 million Windows devices last Friday have been avoided? 

“Yes!” says Tim Schughart, CEO of ProSec GmbH and IT security expert, in an article in Business Week

Table of Contents

Crowdstrike glitch: What happened?

But let's start at the beginning: On Friday, a faulty software update from the company Crowdstrike led to failures of computers and servers that use the Windows operating system. 

The consequences are felt worldwide, as the company has almost 30.000 customers worldwide, including global players such as Amazon and Intel. 

But smaller customers are also affected, with bank customers no longer being able to withdraw money, hospitals having to postpone operations and flights being cancelled. In Germany, critical infrastructure companies are also affected.  

Criticism of lack of transparency

Tim Schughart, our CEO, is certain that this glitch could have been avoided. He also would have liked to see more transparency in dealing with the problem. 

What we do know is that there was a quality assurance error. And that shouldn't have happened.

tim_schughart_CEO_ProSec

He goes on to say that the key point is the reproducibility of the error, as it affects all customers and not just a small number. Given the extent of the problem, it can be assumed that this update has not been properly tested. 

He also criticizes the way the problem is being handled: Since IT security has to be addressed at the most sensitive points, the risk of destroying something is particularly high. That is why caution is always required here. This is the only way to successfully defend against cyber attacks. 

Schughart also emphasizes, however, that this incident is no reason to fundamentally doubt the quality of the company. 

Further action by the customer required

Crowdstrike will replace the faulty update on Friday. But now, as is often the case, the customer has to take action themselves. Schughart explains that customers often have to manually remove the faulty file from their computer so that the system can then download the new, error-free file. 

In this case, too, customers must take action themselves: Microsoft published instructions for customers with Microsoft cloud machines on Friday that allow them to restore the system state before the update.

What measures can I use to efficiently achieve good cyber resilience?
We advise you personally and individually!
Contact us now
DIVIDE
OTHER CONTRIBUTIONS

Table of Contents