Case Study: A Cyber Attack or a Flaw?

Mirage Insights
Sep 1, 2024


“Blue Death Screen”: many people still do not know what it is or what actually happened on that day. Cyber elites and active users around the world were shocked by the surprise visit of the “Blue Screen of Death.”


The incident took place on 19th July, 2024 (Friday): just after the company named “CrowdStrike” sent its update to customers running Microsoft Windows software, their computers suddenly began to crash.

For those who don’t know: what is “CrowdStrike”, and what is “CrowdStrike Falcon”?

CrowdStrike is a cybersecurity company based in Austin, Texas, that builds and develops software used by corporations and agencies to safeguard against cybercriminals and online intruders. The company also provides services for cutting-edge threat identification and response. It provides an agent named “Falcon” on the CrowdStrike Falcon platform, which offers threat intelligence, incident response, and endpoint detection and response (EDR) services to safeguard enterprises. The Falcon agent is designed to thwart breaches with a cohesive suite of cloud-delivered solutions that stop malware and other threats.

But for such a hyped and well-known company, one that provides so many cybersecurity facilities and services, a single incident put its reputation at stake and led people to “Question the CrowdStrike Company”. That day the security was compromised and CrowdStrike got questioned. On the 19th of July, airlines, hospitals and people’s computers running the Falcon agent were affected, and their work was compromised.

The incident was described as severe, since many services were affected and tasks were compromised. Amid all the chaos, the CEO issued a statement saying that it was just a coding mistake. It was also observed that Mac and Linux systems were not affected at all.

Several questions were raised about the day of the incident. What happened on 19th July?

On the 19th of July, 2024, two more instances of the IPC template were deployed. One of the two template instances passed validation even though it contained invalid content data, which was due to a defect in the content validator. The instances were deployed on the strength of the testing conducted prior to the template type’s initial deployment on March 5, 2024, trust in the content validator’s checks, and earlier successful IPC template instance deployments. When the data was received by the sensor and loaded into the content interpreter, problematic content in channel file 291 caused an out-of-bounds memory access. The problem was found and fixed within 78 minutes of the release.
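The failure mode described above, as an added example that is not CrowdStrike's code: a validator that misses one check lets bad content through, and only an interpreter that does its own bounds check stops the out-of-bounds access. The structure, names, input count and sample data are all constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define SENSOR_INPUTS 4  /* constructed: number of values the sensor supplies */

/* Hypothetical template instance: each criterion names the input it matches on. */
struct criterion { size_t input_index; const char *pattern; };

/* Constructed sample data. BAD references input 4, one past the last valid index. */
static const char *INPUTS[SENSOR_INPUTS] = {"pipe_a", "svc", "user", "x"};
static const struct criterion GOOD[] = {{0, "pipe_a"}, {2, "user"}};
static const struct criterion BAD[]  = {{0, "pipe_a"}, {4, "user"}};

/* Validator with a defect: it checks the patterns but never the index. */
int validate_flawed(const struct criterion *c, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (c[i].pattern == NULL) return 0;
    return 1;
}

/* Corrected validator: also rejects an index the sensor cannot supply. */
int validate_fixed(const struct criterion *c, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (c[i].pattern == NULL || c[i].input_index >= SENSOR_INPUTS) return 0;
    return 1;
}

/* Interpreter that does not rely on the validator: returns the number of
   matching criteria, or -1 when the content points outside the input array. */
int interpret_checked(const struct criterion *c, size_t n,
                      const char *const *inputs, size_t n_inputs) {
    int matches = 0;
    for (size_t i = 0; i < n; i++) {
        if (c[i].input_index >= n_inputs) return -1;  /* refuse instead of reading past the end */
        if (strcmp(inputs[c[i].input_index], c[i].pattern) == 0) matches++;
    }
    return matches;
}

int main(void) {
    printf("flawed validator accepts BAD: %d\n", validate_flawed(BAD, 2));
    printf("fixed validator accepts BAD:  %d\n", validate_fixed(BAD, 2));
    printf("checked interpreter on GOOD:  %d\n", interpret_checked(GOOD, 2, INPUTS, SENSOR_INPUTS));
    printf("checked interpreter on BAD:   %d\n", interpret_checked(BAD, 2, INPUTS, SENSOR_INPUTS));
    return 0;
}
```

In kernel-mode code the same unchecked read ends in a system crash rather than an error return, which is why the runtime check matters even when a validator sits upstream.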

This problem caused chaos and led to the question: was it a cyber attack or a code mistake? According to the CEO’s statement that day, it was a flaw in their code that caused the major disruptions. So, what do you all think? What was it? A cyber flaw or a cyber attack? A case study that is still unresolved needs to be resolved. So, what was it: chaos from a cyber attack, or a code mistake?
