So as we all know on the news, the cybersecurity firm Crowdstrike Y2K’d it’s own end customers with a shoddy non-tested update.
But how does this happen? Aren’t there programming teams and check their code or pass it to a quality assurance staff to see if it bricked their own machines?
8.5 Million machines too, does that effect home users too or is it only for windows machines that have this endpoint agent installed?
Lastly, why would large firms and government institutions such as railway networks and hospitals put all their eggs in one basket? Surely chucking everything into “The Cloud (Literally just another man’s tinbox)” would be disastrous?
TLDR - Confused how this titanic tits up could happen and that 8.5 Million windows machines (POS, Desktops and servers) just packed up.
Perhaps instead of clients using two different security systems, Crowd strike and similar companies could have two or more completely independent teams sending out separate versions of their hourly updates. That way when something like this happens it would likely not bring down all of a client’s systems, and help resilience? It could be made into a requirement for providing security software to critical/strategic industries like healthcare, power transmission/distribution, defense, etc.