House to grill CrowdStrike exec on epic IT meltdown... no, not the CEO
- Reference: 1725299234
- News link: https://www.theregister.co.uk/2024/09/02/crowdstrike_vp_house_subcommittee/
- Source link:
CrowdStrike hires outside security outfits to review troubled Falcon code [1]READ MORE
However, instead of CEO George Kurtz being called to [2]testify in the subcommittee hearing on September 24 , Adam Meyers, Crowdstrike senior veep of counter adversary operations, is to take to the hot seat.
In July, public testimony from Kurtz was [3]requested . The Register asked CrowdStrike why the top dog wouldn't be present and was told: "We continue to actively and collaboratively work with relevant Congressional Committees. Briefings and other engagement timelines may be disclosed at Members' discretion."
Confirmation of the hearing came at the end of last week, shortly after CrowdStrike [4]reported Q2 figures for FY 2025 ended July 31, where it registered a 32 percent increase in revenue although conceded there would be a bit less in the pot for the rest of the financial year. Guidance of between $3.98 billion and $4.01 billion was cut in light of the July incident.
[5]CrowdStrike file update bricks Windows machines around the world
[6]Angry admins share the CrowdStrike outage experience
[7]The months and days before and after CrowdStrike's fatal Friday
[8]CrowdStrike Windows patchpocalypse could take weeks to fix, IT admins fear
[9]CrowdStrike fiasco highlights growing Sino-Russian tech independence
[10]EU gave CrowdStrike the keys to the Windows kernel, claims Microsoft
[11]CrowdStrike update blunder may cost world billions – and insurance ain't covering it all
Microsoft plans to [12]hold a security summit in September, which will doubtless cover the CrowdStrike fiasco. We'd love to tell you more, but the press isn't invited. Transparency? Redmond's heard of it.
Still, the House Homeland Security Committee hearing will be an opportunity for a CrowdStrike exec to be quizzed about what the company intends to do to prevent a repeat of the [13]incident , which took out approximately [14]8.5 million Windows devices and doubtless resulted in a lot of overtime for administrators as IT staff worked to undo the damage.
Subcommittee chairman Andrew Garbarino said: "While the outage was not due to a threat actor, we know our adversaries and opportunistic criminals have been watching closely. They have learned how a [15]faulty software update can trigger cascading effects on our critical infrastructure. It's important the public and private sectors work together to mitigate risk going forward."
Too late now for canary test updates, says pension fund suing CrowdStrike [16]READ MORE
House Homeland Security Committee chairman Mark E Green said: "Considering the significant impact CrowdStrike's faulty software update had on Americans and critical sectors of the economy – from [17]aviation to medical services – we must restore confidence in the IT that underpins the services Americans depend on daily.
"Recognizing that Americans will undoubtedly feel the lasting, real-world consequences of this incident for some time, they deserve to know in detail how this incident happened and the mitigation steps CrowdStrike is taking to avoid the cascading impacts of outages like this across sectors." ®
[18]
Get our [19]Tech Resources
[1] https://www.theregister.com/2024/08/07/crowdstrike_full_incident_root_cause_analysis/
[2] https://homeland.house.gov/2024/08/30/media-advisory-chairmen-green-garbarino-announce-crowdstrike-witness-for-subcommittee-hearing-on-global-it-outage/
[3] https://www.theregister.com/2024/07/23/crowdstrike_ceo_to_testify/
[4] https://www.theregister.com/2024/08/29/crowdstrikes_q2_earnings/
[5] https://www.theregister.com/2024/07/19/crowdstrike_falcon_sensor_bsod_incident/
[6] https://www.theregister.com/2024/07/19/admin_crowdstrike_update_mess/
[7] https://www.theregister.com/2024/07/25/crowdstrike_timeline/
[8] https://www.theregister.com/2024/07/19/crowdstrike_windows_kettle/
[9] https://www.theregister.com/2024/07/24/foss_gets_geopolitical/
[10] https://www.theregister.com/2024/07/22/windows_crowdstrike_kernel_eu/
[11] https://www.theregister.com/2024/07/26/crowdstrike_insurance_money/
[12] https://www.theregister.com/2024/08/28/microsoft_closed_security_summit/
[13] https://www.theregister.com/2024/07/24/crowdstrike_validator_failure/
[14] https://www.theregister.com/2024/07/25/crowdstrike_timeline/
[15] https://www.theregister.com/2024/07/24/crowdstrike_validator_failure/
[16] https://www.theregister.com/2024/08/01/crowdstrike_lawsuit/
[17] https://www.theregister.com/2024/07/19/crowdstrike_shares_sink_as_global/
[18] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2ZtY1fU3kcsG8kZnvLo_m0AAAAY8&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[19] https://whitepapers.theregister.com/
Crowdstrike are being provided with staff and technology as part of Microsoft's software testing consultancy.
Blame Microsoft, not Crowdstrike
The reasons all AV software is so fragile is that to protect Windows as a perpetually insecure operating system with new exploits found weekly, and they can only protect so closely to the OS kernel that runs the entire thing before they end up destabilizing it accidentally as we saw. Even when they orgs use endpoint security on Windows, it's still not a guarantee to protect the OS and users. Almost every security software has had their Windows enterprise-breaking moment they've done the same prior, only now with the market dominance of Crowdstrike among enterprises, it was far more pronounced.
At this point enough windows source code has leaked over the years or employees leaving after having been exposed to it, and with Microsoft being hamstrung by billions of lines of legacy code across 3 decades no one even remembers now, it is no wonder how easily found new zero-day exploits are still today.
If you want secure computing, you should start with pretty much anything BUT Windows. You can only blame yourself otherwise.
Re: Blame Microsoft, not Crowdstrike
See the coverage on Dave Plummer's youtube channel (Dave's Garage) - he highlights just how stupid their system is. As a former MS systems programmer he's likely right and these tech-bros are wrong.
..and constrained US citizen's world view
Its surprisingly difficult for Non-USA residents to realise just how small the world-view of the average US citizen can be until you've lived there for a year or so, and to understand that this applies just as much to citizens of cities like New York, Denver and Los Angeles as it does to people living in the midwest states, Texas, West Virginia, etc.
In my opinion this limited world-view is largely the due to the limited coverage of almosy all news sources in the USA. Simply put, there is very little foreign news in newspapers and on TV 'News' and radio stations. Throughout the country: indeed, in many states news coverage doesn't extend as far as neighbouring states unless there's a juicy murder or disaster happens there.
Back in the mid-70s I spent a year working in New York: even there the news on local radio and TV stations was about 95% sports and local news and there was nothing but local coverage in any of the papers apart from The New York Times. Even national US news coverage seemed to extend no further than the state-level Presidential Election razzmatazz: I was there in the year that Ronald Reagan was elected and found the coverage of that very difficult to miss. Middle Eastern, i.e. Israeli, events would be reported, largely to the large Jewish population in NYC, but there was very little non-US news apart from this.
One of my best friends there, another free flight model flier, had never taken a holiday outside the USA despite having done his National Service in Germany before Vietnam kicked off. However, he and his wife did visit Britain and Europe around 2000: AFAIK this was the only foreign holiday he ever took.
If you keep the lack of world news coverage within the US of A in mind and combine it with the general lack of news about other US states you'll not be surprised about what the typical US ciiizen doesn't know about the world outside the state he lives in.
Re: ..and constrained US citizen's world view
Your comment is 100% true but could have been somewhat shorter if the following was taken into account.
The US of A view is that the world *IS* the US of A, with this *truth* you can understand completely the average citizens point of view and apparent lack of interest in the rest of the world !!!
This is fed by the knowledge that only the US of A counts, in any argument, and is the only country of importance.
The US citizens world view is *not* constrained ... just that they have a different definition of the word 'World'. !!!
:)
It's like déjà vu all over again Yogi
“ Faulty software update can trigger cascading effects on our critical infrastructure ”
2010: [1]The Dangers of a Software Monoculture
2005: [2]The Six Dumbest Ideas in Computer Security
[1] https://www.schneier.com/essays/archives/2010/11/the_dangers_of_a_sof.html
[2] https://www.ranum.com/security/computer_security/editorials/dumb/
Juxtapositions
Andrew Garbarino said: "..... It's important the public and private sectors work together to mitigate risk going forward"
and
"Microsoft plans to hold a security summit in September ..... but the press isn't invited."
Then
"Mark E Green said: "Considering the significant impact CrowdStrike's faulty software update had on Americans ....." - yes, I know Homeland Security is to do with the USA but the rest of the world is "out there" and sure as eggs is eggs the USA interacts with it.