Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

CrowdStrike VP outlines response to July outage to US congressional subcommittee

Following an outage that impacted companies all over the world, cyber security firm CrowdStrike has revealed a full revamp of its testing procedures.

user icon David Hollingworth
Wed, 25 Sep 2024
CrowdStrike VP outlines response to July outage to US Congressional subcommittee
expand image

CrowdStrike’s senior vice-president, counter adversary operations, Adam Meyers, has outlined the company’s response to a catastrophic global outage that saw retailers, airlines, broadcasters and more taken offline or disrupted in July this year after a faulty update was rolled out to its Falcon cyber security platform.

Meyers appeared before the Committee on Homeland Security’s subcommittee on cyber security and infrastructure protection on 24 September.

However, before going into detail on CrowdStrike’s response to the incident, he offered a sincere apology for the disruption.

============
============

“On behalf of everyone at CrowdStrike, I want to apologise. We are deeply sorry this happened and are determined to prevent it from happening again,” Meyers said in a prepared statement.

“We appreciate the incredible round-the-clock efforts of our customers and partners who, working alongside our teams, mobilised immediately to restore systems and bring many back online within hours. I can assure you that we continue to approach this with a great sense of urgency.”

Meyers also reiterated that the incident was not a cyber attack and that most systems had been rapidly restored.

“More broadly, I want to underscore that this was not a cyber attack from foreign threat actors. The incident was caused by a CrowdStrike rapid response content update,” Meyers said.

“We have taken steps to help ensure that this issue cannot recur, and we are pleased to report that, as of July 29, approximately 99 per cent of Windows sensors were back online.”

After outlining CrowdStrike’s security operations, how its Falcon platform works, and the details of how the faulty update was able to roll out to systems around the world, Meyers went into detail on the measures CrowdStrike has taken to ensure a similar incident is not repeated.

“We have successfully deployed critical detection and preventions over the past decade, validated and tested by our processes, to protect organisations against millions of threats from sophisticated adversaries without such an incident,” Meyers said.

“Since July 19, 2024, we have implemented multiple enhancements to our deployment processes to make them more robust and help prevent recurrence of such an incident – without compromising our ability to protect customers against rapidly-evolving cyber threats.”

CrowdStrike has rolled out new validation checks to ensure that the expected inputs between sensors and their associated rules match, alongside enhanced testing procedures “to cover a broader array of scenarios”.

Customers have also now been given more control over how updates are configured and deployed, while also introducing a more graduated rollout of updates so that any issues can be caught and remediated before becoming a widespread issue.

The company has also introduced more runtime checks and is continuing to work on enhancing its quality assurance techniques. Finally, CrowdStrike has brought in third-party vendors.

“We have engaged two independent third-party software security vendors to conduct further Falcon sensor code and end-to-end quality control and release processes reviews,” Meyers said.

Meyers finished by broadly outlining the nature of the current threat landscape, from hacktivists and nation-state actors to cyber criminals, before talking up the company’s ongoing commitment to its clients.

“We have long focused on protecting the resiliency of critical organisations and infrastructure against sophisticated adversaries,” Meyers said.

“Going forward, we will build upon our long-standing contributions to cyber security by continuing to share our lessons learned on ecosystem resiliency.”

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.