THE IMPACT OF THE CROWDSTRIKE FAILURE ON THE MEGA PASSWORD LEAK: IS THERE A CONNECTION? P. 2
DOI:
https://doi.org/10.31891/2307-5732-2024-341-5-36Keywords:
cybersecurity, data breach, malware, cybercrime, CrowdStrikeAbstract
This paper examines the devastating consequences of the Falcon detector by the cyber company CrowdStrike, the loss of data, the Windows critical error blue screen of death (BSOD), and the loss of the company's reputation. The article has analyzed many primary sources, articles, and publications to delve as hard as possible into the complex mix of cyber security and reveal the implications for digital security as well. The analysis carried out in this work shows such methods as social engineering, human factors, the carelessness of programmers who released updates, the carelessness of staff during a mass failure, and panic.
The article begins with an hourly diagram of the chronology of events of the mass failure of the company CrowdStrike, how the computers picked up the viral update itself, what had to be done and what methods of countering the threat were proposed in the analysis. The authors then analyzed surface and detailed metric analysis from Sevco Security CEO J.J. Guy between July 19 and 22. Subsequently, reports from the official CrowdStrike website were analyzed a month before the event with decent results from the Falcon detector. Although CrowdStrike's primary focus is to protect customer systems point-to-point. They could not protect themselves from OS updates and critical system errors. Such an incident raises concerns about the effectiveness of existing security protocols. This may signal that there are no universal systems, and no one is immune to human error, updates, or social engineering, as demonstrated in the work.
In addition, the vulnerability of the C++ language was demonstrated in the work. The article analyzes file dumps and analyzes the C++ language, where there was an error in the dump. In the future, it can be assumed that if the company used a newer programming language or at least some means of quarantine and testing on individual systems, such a problem, as this article considers, could be avoided. In conclusion, it should be noted that the field of cyber security is a field of constant innovation, collective awareness, and the ability of personnel to counter everything from phishing spam e-mails to a global failure in the IT field. The purpose of this article is to remind employees in this field to counter the threats of inattention, carelessness, and global panic. Which can be used by cybercriminals. From the mistakes demonstrated in the article, you can learn what happens in one company in the digital world, which can affect everyone's life. It sheds light on the urgent challenge of a collaborative effort to ensure a safe environment for us all.
