this post was submitted on 19 Jul 2024
28 points (91.2% liked)

Security

522 readers
6 users here now

A community for discussion about cybersecurity, hacking, cybersecurity news, exploits, bounties etc.

Rules :

  1. All instance-wide rules apply.
  2. Keep it totally legal.
  3. Remember the human, be civil.
  4. Be helpful, don't be rude.

Icon base by Delapouite under CC BY 3.0 with modifications to add a gradient

founded 1 year ago
MODERATORS
 

Caused by security firm CrowdStrike that issued an update.

top 3 comments
sorted by: hot top controversial new old
[–] [email protected] 7 points 3 months ago* (last edited 3 months ago) (1 children)

It sounds like it would be a bad day to have a heart attack. From YC

There's some doctors and other emergency room staff mentioning it on /r/medicine too.

Several hours ago, I was watching the comments move really fast on /r/crowdstrike, /r/sysadmin and YC. I made a comment on [email protected], but quickly removed it because I didn't want to create or add to any hysteria. It sounds like a mostly simple fix, but some organizations have thousands of computers. (I saw someone claim on reddit they had 70,000 endpoints they had to fix)

It seems like the largest failure that's happened in IT.

edit: I mixed /r/medicine with /r/sysadmin in the last paragraph of my comment, it's fixed now.

[–] [email protected] 2 points 3 months ago

With deaths involved and not just delayed, I wonder if the repercussions will be greater. I fear they will not.

Most likely hospitals and other infrastructure are critically underfunded and are running terribly outdated systems with no money for upgrades or restructuring to move to more secure systems. They could sue, but even if they win, it might not return enough money to do what needs to be done in order to minimize the risk of future such events.

Anti Commercial-AI license

[–] [email protected] 4 points 3 months ago

The outage is due to an update on anti-virus software from Crowdstrike. Yeah it's easy to pin it on Microsoft and they're not exempt from blame but av software runs with high privileges so it's gonna have serious consequences if it hits the fan. As it has.