In a world where online data breaches are all too frequent, companies that specialize in malware removal, hacked website recovery, and hacked WordPress help have important roles to play. One such organization, CrowdStrike, faced a significant problem recently when a unique blend of factors resulted in the globally recognized Falcon EDR sensor crashing. This crash resulted in an expansive outage, disrupting over 8.5 million Windows users. In a public apology, CrowdStrike’s CTO George Kurtz and President Michael Sentonas explained the event’s root causes and their subsequent steps to prevent such incidents.

CrowdStrike documented the root cause as a mismatch between the inputs validated by a Content Validator and those accepted by a Content Interpreter, combined with an out-of-bounds read in the Content Interpreter and a problem in the update’s testing and deployment process. Sensors that received the new version of Channel File 291 exposed the latent out-of-bounds read: the Content Interpreter expected only 20 input values, and an attempt to access a non-existent 21st value contributed to a system crash.
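As an added illustration (not CrowdStrike’s code, and not part of the original article), the following C sketch reduces the mismatch described above to its core: a validator that accepts a rule referencing a 21st field, and an interpreter that holds 20 inputs, shown without and with a bounds check. The rule structure, function names, and sample inputs are all constructed for this example.

```c
#include <stdio.h>
#include <string.h>

#define INTERPRETER_INPUTS 20  /* values the interpreter actually holds */
#define VALIDATOR_FIELDS   21  /* field numbers the validator accepts (assumed) */

/* Hypothetical rule from a content file: match input number `field`
   (1-based) against `pattern`. */
struct rule { size_t field; const char *pattern; };

/* Validator: checks the rule against its own idea of the field count. */
int validator_accepts(const struct rule *r) {
    return r->field >= 1 && r->field <= VALIDATOR_FIELDS;
}

/* Unchecked interpreter: trusts the validator. For field 21 it reads
   inputs[20], one element past a 20-entry array. Never called here. */
int interpret_unchecked(const struct rule *r, const char *const *inputs) {
    return strcmp(inputs[r->field - 1], r->pattern) == 0;
}

/* Checked interpreter: 1 = match, 0 = no match, -1 = rule rejected
   because it references an input that was not supplied. */
int interpret_checked(const struct rule *r, const char *const *inputs, size_t n) {
    if (r->field < 1 || r->field > n)
        return -1;
    return strcmp(inputs[r->field - 1], r->pattern) == 0;
}

/* Push one constructed rule through validator and checked interpreter.
   Returns -2 if the validator rejects it, else the interpreter result. */
int run_rule(size_t field) {
    const char *inputs[INTERPRETER_INPUTS];
    for (size_t i = 0; i < INTERPRETER_INPUTS; i++)
        inputs[i] = "sample";               /* constructed input values */
    struct rule r = { field, "sample" };
    if (!validator_accepts(&r))
        return -2;
    return interpret_checked(&r, inputs, INTERPRETER_INPUTS);
}

int main(void) {
    size_t fields[] = { 20, 21, 22 };
    for (size_t i = 0; i < 3; i++)
        printf("field %zu -> %d\n", fields[i], run_rule(fields[i]));
    return 0;
}
```

Field 21 passes the validator yet is rejected by the checked interpreter, which is the gap that a runtime bounds check closes independently of whatever the validator allows.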

The fallout from this crash was unprecedented, with CrowdStrike admitting that such a scenario should never recur. The company is currently making systematic changes to improve its resilience. To improve the security and quality assurance of the Falcon sensor’s code, two independent software security vendors have been contracted to conduct a detailed review, and a third party is reviewing its quality process.

“Owning” Its Mistakes

The break in CrowdStrike’s streak of successes and advancements in malware removal led to some startling admissions. At the Innovators & Investors Summit at the Black Hat USA conference, CrowdStrike CTO George Kurtz responded to a question about what went wrong with an apology that seemed to be appreciated by the audience. Following its public “mea culpa”, the company released the root cause analysis results, acknowledging the severity of its failures and showing its commitment to quality assurance and resilience.

The firm owned up to its failure by accepting the Pwnie Award for Most Epic Fail of 2024. The Pwnie Awards recognise both outstanding successes and failures in the cybersecurity realm on an annual basis, and describe the Epic Fail category as a failure that lets the entire infosec industry down, an accurate summary of the impact.

The category recognition emphasized the extent of the mishap, with CrowdStrike being named as an automatic winner given the widespread effect of the outage. A larger-than-standard, two-tiered trophy was presented to CrowdStrike as a physical representation of the event’s magnitude. This trophy has found a prominent place in the company’s Austin, Texas headquarters, serving as a poignant reminder that “these things can’t happen”.

Accepting the award, Sentonas displayed admirable ownership with his speech. He acknowledged that while it was necessary to take credit for successes, it was equally important, if not more, to accept responsibility for significant failures. He reaffirmed the company’s dedication to learning from the incident and enhancing its resilience for the future.

This dedication to improvement and learning from mistakes is the hallmark of a responsible company, and CrowdStrike leads the way by owning its failures and working towards providing top-tier help for hacked WordPress and website recovery, as well as malware removal services.
