The CrowdStrike cyber event affected 8.5 million Windows machines and was the biggest IT outage in history. It has “beaten” even the cyber attacks of WannaCry and NotPetya.

https://www.bbc.com/news/articles/cpe3zgznwjno

Can/will this method be used by hackers? What would they need to do to take advantage of that vulnerability?

EDIT: typo

  • Nollij@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    5
    ·
    4 months ago

    “Hackers” (rather, malicious actors) rarely look to take down IT resources as their goal. Instead, they want to access it for their own purposes. The closest example would be ransomware, where it gets taken down as part of the threat/punishment. But if the victim pays, their resources must be restored.

    Plus, I would be surprised if Crowd Strike doesn’t have any protections on its own files. I also expect there will be additional verification checks (hash/etc) on their updates going forward.

    • BlizzardOP
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      4 months ago

      malicious actors rarely look to take down IT resources as their goal

      Could be a hostile government sponsored group or idealists (Microsoft has more haters than fans) or simply someone could do it just because they can - if they could. Some men just want to see the world burn.

      • Sethayy@sh.itjust.works
        link
        fedilink
        arrow-up
        2
        ·
        4 months ago

        They could also DDOS essentially anything with root access to that many devices.

        Its like taking all the armies guns to throw them in a volcano ‘cause you want to see the world burn’