Futaba _ Webs πΈπΈππΈπΈ
CrowdStrikes Foul Play πΈπΈππΈπΈ
Todayβs article is going to focus on a sensitive topic regarding CrowdStrike, where they basically mocked one of their clientele, Delta Air lines, who was affected during the CrowdStrike outage, essentially shifting the blame and stating their delay in recovery was their fault. This is a BIG deal seeing as their reputation is on the line and they crippled 8.5 million systems around the globe, some of which were medical systems which is a BIG deal! In other words, to better summarize this, they basically said βNah bro itβs YOUR fault your systems went down!β
π Article π Glossary π Catalog π Home π Search Modeπ Article Glossary
πΈ Synopsis πΈ
Todayβs article is going to focus on a sensitive topic regarding CrowdStrike, where they basically mocked one of their clientele, Delta Air lines, who was affected during the CrowdStrike outage, essentially shifting the blame and stating their delay in recovery was their fault. This is a BIG deal seeing as their reputation is on the line and they crippled 8.5 million systems around the globe, some of which were medical systems which is a BIG deal! In other words, to better summarize this, they basically said βNah bro itβs YOUR fault your systems went down!β I spoke about the matter before and discussed why itβs actually considered a security incident, one of the biggest weβve ever had, many of which thought the complete opposite. I also dived into a sensitive topic regarding cloud based security and the overall dangers of it. If you would like to hear more about it, including a lot of my original points surrounding the CrowdStrike incident, check out this post here where I give my full insights on the matter. The goal of todayβs article is to discuss an important matter on WHEN itβs the end users fault or the vendor/providers fault during a security incident/breach. This is a HIGHLY debated matter thatβs usually skewed all across the board!
πΈ Article Topics πΈ
I'll be discussing the following topics in order: π Is it Deltaβs Fault? π When is it the End Users Fault? π When is it the Vendors Fault? π What Should CrowdStrike Do? π Capitalize You can click on any of the topics to simply check that one out if it interests you! NOTE: Articles are read from LEFT to RIGHT via 2 columns! Read the first column all the way down and then move to the next one!
πΈ Key Links πΈ
Here's a quick run down on all the main links that are in the article in case you want to check them out first. π LinkedIn Version π My Insights π Delta Airline Incident
π CrowdStrikes Foul Play
Is it Deltaβs Fault? πΈπΈππΈπΈ
NO! It is NOT their fault it took them so long to recover. Donβt let the gaslighting fool you, itβs CrowdStrikes fault!
Be mindful, the CrowdStrike incident CRASHED systems, and when I mean CRASH, I mean BLUE SCREEN of death crash, meaning the entire system was NON functional and needed a hard reboot! Every system that had incorporated their software was essentially taken off the map!
Crowdstrikes counter argument to them was partially because Delta Air Lines admitted to turning off automatic updates from them which they consider to be βlack of Cyber Security knowledgeβ on their end, which IS NOT bad Cyber Security practice! Itβs good to do manual updates as you can filter out any bad updates should they occur! HOWEVER, be mindful, they did not refuse to apply major security updates where needed, so that argument from CrowdStike is a slap in the face to one of their victims!
Also, even with them turning auto updates off, they were STILL impacted during the major security incident! I want you to let that sink in a bit!
You can find out more about the Delta Air Lines incident here!
When is it the End Users Fault? πΈπΈππΈπΈ
Ever have stuff like MFA and various other security upgrades from apps shoved in your face? Ever had it forced on you otherwise you LITERALLY canβt use the app? It probably felt like a cold call from a salesman and you probably opted out of it just so you can go on with your day.
THAT my friend is WHEN itβs the end users fault!
Itβs only the end users fault when they CHOOSE to NOT apply the security you set in place! CrowdStrike on the other hand, EVERYONE relied on it and CHOOSE to apply their security into their systems!
Another example of when it would be the end user's fault, is a penetration tester telling them whatβs wrong with their systems and they CHOOSE to accept the risk rather than mitigate it!
When is it the Vendors Fault? πΈπΈππΈπΈ
Itβs only the vendor/providers fault when they FAIL to maintain the security for their systems set in place to protect end users.
A good example of this would of course be none other than CrowdStrike themselves, where EVERYONE applied the security but CrowdStrike FAILED to MAINTAIN the security!
Be mindful, CrowdStrike provides cloud based SECURITY to peopleβ¦. soβ¦. if they FAIL to maintain itβ¦ EVERYONE that relied on their service faced not only a security outage, but someβ¦ A SECURITY BREACH!
What Should CrowdStrike Do? πΈπΈππΈπΈ
COMPENSATE THEM OF COURSE!
Itβs sad when the best of the best stoop so low and avoid accountability!
If you enjoyed this post give it a thumbs up! Iβll be keeping track of whose reacting from now on as there is a βspecialβ reason for it. Just know the more you support my content the more there is in stored!
- The Hacker Who Laughs πΈπΈππΈπΈ
