WEST PALM BEACH, Fla. — After a faulty software update caused technological havoc worldwide on Friday, WPTV asked experts how it happened and what you can do to prepare for the next outage.
The breadth of the outages highlighted the fragility of a digitized world dependent on just a few providers for key computing services.
The trouble with the update issued by cybersecurity firm CrowdStrike affected customers running Microsoft Windows. It was not the result of hacking or a cyberattack, according to CrowdStrike, which apologized and said a fix was on the way.
Dr. Mehran Basiratmand of Florida Atlantic University told WPTV reporter Michael Hoffman that CrowdStrike (Falcon) is a highly respected software and that the situation is unusual and unavoidable for users.
“It’s really rare," said Dr. Basiratmand. "In the past 10 years we’ve had maybe two episodes of this. Companies do a much better job today testing their products before releasing it.”
Basiratmand said the best protection against similar outages is to use one vendor across all hardware, so in the event of a massive issue only one company needs to be called.
"It's generally a sound idea to have as many utilities and as many programs from the company that put the operating system on it," Basiratmand said. "For example, if you have an Apple product [you should use] as many Apple products as you can on this device."
WATCH BELOW: IT expert explains what you can do to reduce issues from future IT outages
Is there a fix?
Disruptions continued hours after CrowdStrike first identified the issue. But both the company and Microsoft say that they're working to get systems back online.
In an emailed statement, Crowdstrike said that it was “actively working with customers impacted by a defect found in a single content update for Windows hosts" — adding that a fix “had been deployed” for the identified issue.
Microsoft spokesperson Frank X. Shaw said that the company was “actively supporting customers to assist in their recovery.” Both CrowdStrike and Microsoft are also appearing to engage IT personnel on official online channels, such as Reddit.
WE'RE STANDING UP FOR YOU!
Do you have a concern in your community or a news tip? WPTV wants to hear from you!
Email us: newstips@wptv.com
While the problem is fixable, it requires some expertise. Some cybersecurity experts warn of bad actors who may reach out claiming they can help. Smaller companies or organizations with less IT resources are particularly at risk.
Gartner analyst Eric Grenier noted that those impacted should make sure they're talking to trusted organizations as they work towards recovery. “Attackers will definitely prey on organizations as a result of this," he said
 
National News
CrowdStrike deploys 'fix,' works with those impacted amid global outage
A disturbing reminder of vulnerability
Cyber expert James Bore said real harm would be caused. "All of these systems are running the same software," Bore said. "We’ve made all of these tools so widespread that when things inevitably go wrong — and they will, as we’ve seen — they go wrong at a huge scale."
The head of Germany's IT security agency, Claudia Plattner, said "we can’t expect a very quick solution." A forecast for when exactly all systems will be up and running is difficult, but "it won't be hours," she added.
CrowdStrike said in a recording on its customer service line that the problem was related to "the Falcon sensor," referring to one of its products used to block online attacks. The company says it has 29,000 customers.
In an interview on NBC's "Today Show," CrowdStrike CEO George Kurtz apologized, saying the company was “deeply sorry for the impact that we’ve caused to customers, to travelers, to anyone affected by this, including our companies.”
"We know what the issue is" and are working to remediate it, Kurtz said.
 
         
    
         
     
     
     
 
            
            
            