The issue, which occurred after the company pushed an update to its main software, caused Windows 365 Cloud services to malfunction and become inoperable. Initially, many pointed fingers at Microsoft, only to realize later that the fault lay with CrowdStrike.
HighlightsUser claimed CrowdStrike’s extensive reach and data collection makes it a major “threat vector.“Users reacted with disbelief and suspicion over the accuracy and timing of the prediction.CrowdStrike CEO denied any security breach, attributing issue to a product update.
In a detailed post, the Redditor accused the firm of being a “threat vector” — an IT term that refers to particularly vulnerable aspects of cybersecurity networks thathackerscan exploit in order to launch avariety of attacks. These may include extortion via ransomware, taking control of systems, data theft, and, as seen in CrowdStrike’s case, causinglarge-scale system failures.
RELATED:
A Reddit user warned the internet of CrowdStrike’s security vulnerabilities just hours before a system failure affected all of its associated devices around the world
Image credits:r/wallstreetbets
First, the prevalence of CrowdStrike among Fortune 100 companies. The firm provides security services to 44 out of 100 of said enterprises, alongside 9 out of 20 major banks and 7 of the top 10 largest energy institutions in the country. This extensive reach makes it thenumber oneleader in the endpoint protection market, according to business intelligence firm 6sense.
Second, the widespread collection of all businesses’ “endpoint data,” which they then use and compare to provide insight. This means, the user argues, that every company that utilizes CrowdStrike becomes part of a “Data Commune,” which in IT terms means that the private information of each business is shared across their network, which ahackercould then exploit to access mass amounts of sensitive information.
Third, CrowdStrike has administrative access to every device, also known as “endpoints,” across thousands of firms. The user claims this was instrumental in the massive and coordinated nature of the recent outage.
The Redditor concluded that all of the above factors combined make CrowdStrike a “threat vector,” whichhacker groupscan easily exploit to cause widespread damage across many different systems and demand ransom through stolen sensitive data.
Users reacted with disbelief at the accuracy and timing of the critique of CrowdStrike, which was uploaded just a few hours before the company “crashed the world”
Image credits:CrowdStrike
The original post was written approximately 5 hours before the global IT crisis occurred, which caused many users to be skeptical and discredit his claims.
Many, some more jokingly than others, reacted with suspicion at the timing of the post, which was updated a few hours before thecybersecurityincident occurred.
As one commenter noted, “He tells us that Crowdstrike is a threat vector. A few hours later, every computer in the world with the Crowdstrike client installed goes blue screen. The single biggest global PC system collapse in history. Just uncanny.”
“The fact that CrowdStrike just took out half the internet shortly after this post is hilarious,” pointed a user.
“How much money did you make with this prediction?” asked another.
“This aged perfectly,” a commenter pointed out. “Yeah, you’re getting a visit from the Feds,” warned another.
One even shared his own experience with the outage, “Crowdstrike just f–d our company computers and we’re not alone. Last patch is causing blue screen loops on 500 PCs and my partner’s company is impacted too.”
As the company experienced reputational damage, the CEO of CrowdStrike took to X to reassure his shareholders that no security breach had occurred
CrowdStrike’s CEO George Kurtz delivered anofficial statementon X denying any claims of a possible security breach.
“Today was not a security or cyber incident. Our customers remain fully protected,” he stated, promising users that “the issue has been identified and a fix has been deployed.”
He confirmed that the outage occurred because of an update to one of their products for Windows and assured his clients that no unauthorized third party was involved.
The statement received mixed responses, with many still wary of further malfunctions.
“There’s no way the timing of this crazy post aligns so perfectly”: Users were left suspicious and impressed at the post
Thanks! Check out the results:You May LikeDisney Worker Downloads Free AI Tool—Loses Job And $200,000 BonusesLei RVTitan Sub’s Eerie Last Moments Exposed In Newly Released Audio: “A Disaster Waiting To Happen"Lei RV25 Actors Who Faced Their Downfall Just Steps Away From Making It BigLei RV
Lei RV
News
