{"id":87966,"date":"2024-07-22T18:34:14","date_gmt":"2024-07-22T08:34:14","guid":{"rendered":"https:\/\/www.aspistrategist.ru\/?p=87966"},"modified":"2024-07-22T18:34:14","modified_gmt":"2024-07-22T08:34:14","slug":"crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/","title":{"rendered":"CrowdStrike glitch sounds a cybersecurity alarm we cannot ignore"},"content":{"rendered":"
\"\"<\/figure>\n

The recent CrowdStrike outage was not <\/span>just <\/span>a technical hiccup; it was a seismic tremor that exposed the brittle foundations <\/span>on which Australia’s digital economy <\/span>stands.\u202f<\/span><\/p>\n

A faulty security update,\u202fa false positive<\/span>\u2014 <\/span>and suddenly<\/span>\u202fthousands of businesses worldwide found their digital defences compromised.\u202f<\/span>It<\/span> wasn’t a cyberattack,\u202fbut <\/span>it provided<\/span> a <\/span>glimpse into<\/span> the chaos that could<\/span> follow<\/span> if a<\/span> widespread cyber attack were <\/span>launched against critical infrastructure.<\/span><\/p>\n

As such, the CrowdStrike incident exposed several glaring weaknesses in our current approach<\/span> and has underscored the need for a fundamental shift in our cybersecurity culture.<\/span> To mitigate these risks,\u202fAustralia must adopt a proactive and multi-faceted approach to cybersecurity,\u202fmoving beyond reactive measures and embracing a culture of resilience.<\/span>\u00a0<\/span><\/p>\n

Many organisations still underestimate the gravity of cyber threats,\u202fviewing them as an IT problem rather than a strategic business risk.\u202fThis complacency is a dangerous luxury we can no longer afford.\u202fCybersecurity is not just about firewalls and antivirus software; it’s about building a resilient organisation that can withstand and recover from cyberattacks.<\/span><\/p>\n

CrowdStrike,\u202fa cybersecurity behemoth,\u202ffound itself red-faced as its Falcon platform,\u202fdesigned to safeguard clients from cyber threats,\u202fironically turned into the threat itself.\u202fThe faulty update<\/span> meant Falcon<\/span> misidentif<\/span>ied<\/span> legitimate files as malicious,\u202fcrippling endpoint protection<\/span>\u202fand <\/span>meaning clients could only continue <\/span>operating<\/span> if they disabled their security, which would leave them vulnerable to intrusions.<\/span><\/p>\n

In Australia and around the world, <\/span>airlines, financial services, supermarkets and ports were disrupted and in some cases forced temporarily to shut down.<\/span><\/p>\n

This incident is far from an isolated event.\u202fIn 2017,\u202fBritish Airways suffered a catastrophic IT failure that grounded flights worldwide,\u202fcausing chaos for hundreds of thousands of passengers.\u202fThe 2021 Fastly outage took down major websites, including Amazon,\u202fReddit,\u202fand The New York Times,\u202ffor hours.\u202f<\/span><\/p>\n

T<\/span>he CrowdStrike outage <\/span>once again<\/span> show<\/span>ed<\/span> the <\/span>vulnerability of our digital ecosystem.\u202fWe are tethered to a complex web of interconnected systems,\u202feach with its potential points of failure.<\/span><\/p>\n

Our digital economy,\u202fwhile a marvel of innovation and efficiency,\u202fis also a sprawling attack surface for malicious actors.\u202fThe increasing sophistication of cyber threats,\u202ffrom ransomware attacks to state-sponsored espionage,\u202fdemands a robust and multi-layered defence strategy.<\/span><\/p>\n

The first clear problem is <\/span>our<\/span> over-reliance on a single vendor for critical security services<\/span>.\u202fWhen that vendor stumbles,\u202fthe impact can be <\/span>disproportionate<\/span>.\u202fThe lack of redundancy and backup systems in many organi<\/span>s<\/span>ations <\/span>leav<\/span>es<\/span> them vulnerable to operational paralysis in the event of a disruption.<\/span><\/p>\n

We must dismantle this dangerous reliance on single vendors for critical services.<\/span> Instead of p<\/span>utting all our eggs in one basket<\/span>,<\/span> we must d<\/span>iversify<\/span> our cybersecurity providers <\/span>to<\/span> reduce the impact of any single vendor’s failure <\/span>and<\/span> also <\/span>foster a more competitive and innovative market for security solutions.\u202f<\/span><\/p>\n

This could involve distributing critical functions across multiple providers, ensuring that a disruption in one doesn’t cripple the entire system.<\/span><\/p>\n

We must<\/span> invest heavily in redundancy and backup systems.\u202fOur critical infrastructure,\u202ffrom banking systems to power grids,\u202fshould be designed with multiple layers of redundancy,\u202fensuring that even if one component fails,\u202fthe system can continue to operate seamlessly.\u202fRegular backups of data and critical applications are non-negotiable.\u202fThis includes not just storing backups on<\/span>–<\/span>site but also maintaining secure off-site copies to protect against physical disasters or targeted attacks.<\/span><\/p>\n

Second,\u202fthe incident highlights the need for more comprehensive and agile incident response plans.\u202fOrganisations need to be able to quickly identify and address disruptions,\u202fminimizing the impact on their operations and customers.\u202f<\/span><\/p>\n

They<\/span> need<\/span> comprehensive,\u202fwell-documented plans that are regularly tested and refined.\u202fThese plans should clearly delineate roles and responsibilities,\u202festablish robust communication channels,\u202fand detail escalation procedures for different types of incidents.\u202fThe goal is to create a well-oiled machine that can spring into action at the first sign of trouble,\u202fminimizing downtime and mitigating damage.<\/span><\/p>\n

Third<\/span>,\u202fAustralia needs to adopt a zero-trust approach to cybersecurity.\u202fThis means assuming that every user and device,\u202feven those within the network perimeter,\u202fcould be compromised.\u202fThis approach necessitates continuous monitoring and verification of all users and devices,\u202fmicro-segmentation of networks to limit lateral movement,\u202fand the use of multi-factor authentication to secure access to sensitive data.<\/span><\/p>\n

Finally,\u202fwe must foster a culture of cyber awareness that permeates all levels of society,\u202ffrom the boardroom to the classroom.\u202fThis means educating not just IT professionals but also business<\/span> leaders,\u202fpolicymakers,\u202fand the general public about the evolving cyber threat landscape.\u202fRegular training and awareness programs should be mandatory for all employees,\u202femphasizing the importance of vigilance,\u202fsecure practices,\u202fand prompt reporting of suspicious activity.<\/span><\/p>\n

By embracing these measures,\u202fAustralia can transform its digital economy from a house of cards into a fortress.\u202fWe can create a system that is not just resilient to cyberattacks and technical glitches but also adaptable to the ever-evolving threat landscape.\u202fThis is not just about protecting our economic interests; it’s about safeguarding our way of life in the digital age.\u202f<\/span><\/p>\n

The CrowdStrike outage is a wake-up call<\/span>\u2014a <\/span>reminder that our digital economy is not invincible.\u202f<\/span>\u202fThe question is not whether another incident will occur,\u202fbut when.\u202f<\/span><\/p>\n

The time for complacency is over.\u202fWe need to act now to safeguard our digital future.\u202f The stakes are <\/span>too high to ignore.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

The recent CrowdStrike outage was not just a technical hiccup; it was a seismic tremor that exposed the brittle foundations on which Australia’s digital economy stands.\u202f A faulty security update,\u202fa false positive\u2014 and suddenly\u202fthousands of …<\/p>\n","protected":false},"author":1989,"featured_media":87968,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[1],"tags":[391,95,2138,973,332],"class_list":["post-87966","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-cyber","tag-cyber-security","tag-cybersecurity","tag-information-operation","tag-technology","dinkus-crowdstrike-outage"],"acf":[],"yoast_head":"\nCrowdStrike glitch sounds a cybersecurity alarm we cannot ignore | The Strategist<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CrowdStrike glitch sounds a cybersecurity alarm we cannot ignore | The Strategist\" \/>\n<meta property=\"og:description\" content=\"The recent CrowdStrike outage was not just a technical hiccup; it was a seismic tremor that exposed the brittle foundations on which Australia’s digital economy stands.\u202f A faulty security update,\u202fa false positive\u2014 and suddenly\u202fthousands of ...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/\" \/>\n<meta property=\"og:site_name\" content=\"The Strategist\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ASPI.org\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-22T08:34:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2024\/07\/GettyImages-2162025156.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Andrew Horton\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:site\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Andrew Horton\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\",\"url\":\"https:\/\/www.aspistrategist.ru\/\",\"name\":\"The Strategist\",\"description\":\"ASPI's analysis and commentary site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.aspistrategist.ru\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-AU\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/#primaryimage\",\"url\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2024\/07\/GettyImages-2162025156.jpg\",\"contentUrl\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2024\/07\/GettyImages-2162025156.jpg\",\"width\":1024,\"height\":683,\"caption\":\"The CrowdStrike logo is being displayed on a smartphone with the CrowdStrike web page visible in the background in this photo illustration in Brussels, Belgium, on July 19, 2024. (Photo Illustration by Jonathan Raa\/NurPhoto via Getty Images)\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/\",\"url\":\"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/\",\"name\":\"CrowdStrike glitch sounds a cybersecurity alarm we cannot ignore | The Strategist\",\"isPartOf\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/#primaryimage\"},\"datePublished\":\"2024-07-22T08:34:14+00:00\",\"dateModified\":\"2024-07-22T08:34:14+00:00\",\"author\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/cc9618825e743c135b2cdcd98d1e53eb\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/#breadcrumb\"},\"inLanguage\":\"en-AU\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.aspistrategist.ru\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CrowdStrike glitch sounds a cybersecurity alarm we cannot ignore\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/cc9618825e743c135b2cdcd98d1e53eb\",\"name\":\"Andrew Horton\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b76872187c0859dea6fdd627c6ebb71a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b76872187c0859dea6fdd627c6ebb71a?s=96&d=mm&r=g\",\"caption\":\"Andrew Horton\"},\"url\":\"https:\/\/www.aspistrategist.ru\/author\/andrew-horton\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CrowdStrike glitch sounds a cybersecurity alarm we cannot ignore | The Strategist","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/","og_locale":"en_US","og_type":"article","og_title":"CrowdStrike glitch sounds a cybersecurity alarm we cannot ignore | The Strategist","og_description":"The recent CrowdStrike outage was not just a technical hiccup; it was a seismic tremor that exposed the brittle foundations on which Australia’s digital economy stands.\u202f A faulty security update,\u202fa false positive\u2014 and suddenly\u202fthousands of ...","og_url":"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/","og_site_name":"The Strategist","article_publisher":"https:\/\/www.facebook.com\/ASPI.org","article_published_time":"2024-07-22T08:34:14+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2024\/07\/GettyImages-2162025156.jpg","type":"image\/jpeg"}],"author":"Andrew Horton","twitter_card":"summary_large_image","twitter_creator":"@ASPI_org","twitter_site":"@ASPI_org","twitter_misc":{"Written by":"Andrew Horton","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/www.aspistrategist.ru\/#website","url":"https:\/\/www.aspistrategist.ru\/","name":"The Strategist","description":"ASPI's analysis and commentary site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.aspistrategist.ru\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-AU"},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/#primaryimage","url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2024\/07\/GettyImages-2162025156.jpg","contentUrl":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2024\/07\/GettyImages-2162025156.jpg","width":1024,"height":683,"caption":"The CrowdStrike logo is being displayed on a smartphone with the CrowdStrike web page visible in the background in this photo illustration in Brussels, Belgium, on July 19, 2024. (Photo Illustration by Jonathan Raa\/NurPhoto via Getty Images)"},{"@type":"WebPage","@id":"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/","url":"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/","name":"CrowdStrike glitch sounds a cybersecurity alarm we cannot ignore | The Strategist","isPartOf":{"@id":"https:\/\/www.aspistrategist.ru\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/#primaryimage"},"datePublished":"2024-07-22T08:34:14+00:00","dateModified":"2024-07-22T08:34:14+00:00","author":{"@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/cc9618825e743c135b2cdcd98d1e53eb"},"breadcrumb":{"@id":"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.aspistrategist.ru\/crowdstrike-glitch-sounds-a-cybersecurity-alarm-we-cannot-ignore\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.aspistrategist.ru\/"},{"@type":"ListItem","position":2,"name":"CrowdStrike glitch sounds a cybersecurity alarm we cannot ignore"}]},{"@type":"Person","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/cc9618825e743c135b2cdcd98d1e53eb","name":"Andrew Horton","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b76872187c0859dea6fdd627c6ebb71a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b76872187c0859dea6fdd627c6ebb71a?s=96&d=mm&r=g","caption":"Andrew Horton"},"url":"https:\/\/www.aspistrategist.ru\/author\/andrew-horton\/"}]}},"_links":{"self":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/87966"}],"collection":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/users\/1989"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/comments?post=87966"}],"version-history":[{"count":5,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/87966\/revisions"}],"predecessor-version":[{"id":87972,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/87966\/revisions\/87972"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media\/87968"}],"wp:attachment":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media?parent=87966"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/categories?post=87966"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/tags?post=87966"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}