Results 1 to 21 of 21

Thread: Crowdstrike and world cyber attack

  1. #1

    Thread Starter
    King of sapila
    Join Date
    Oct 2006
    Location
    Greece
    Posts
    6,684

    Crowdstrike and world cyber attack

    There is a topic but it's in a dark corner on the forums so I don' think if people noticed it.
    So what is your thoughts? Is using global data center systems worth the risk? Meaning the risk of not having transportation banks hospitals etc?

    Actually we have azure at work but we did not see this in action, it did not affect us.

    Also was this a big test disguised as an error?Not saying just asking or it's an innocent "error" Klaus talk about it a few years ago and when Klaus talk...

    My initial thoughts is that we are risking a lot just putting our heads in the ground and hopping nothing would happen. Well..
    The incident clearly showed there was not a backup solution even if there should be one in theory. What if in the near future that everything are zipping into a few global centers is becoming more and more common something similar will happen? And what if people take advantage to do they evil deeds? So is this moving forward of moving backward as global data holding not like it's the innovation of the century. From our part we are having more trouble than benefits with azure. The only one might be not having to preserve servers.But we pay for them "invisibly".
    ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
    πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·

  2. #2
    Wall Poster TysonLPrice's Avatar
    Join Date
    Sep 2002
    Location
    Columbus, Ohio
    Posts
    3,894

    Re: Crowdstrike and world cyber attack

    You could also say it was a hiccup in a massively complex system that was fixed relativity quickly. I've pushed out a "stinker" or two.
    Please remember next time...elections matter!

  3. #3
    PowerPoster PlausiblyDamp's Avatar
    Join Date
    Dec 2016
    Location
    Pontypool, Wales
    Posts
    2,692

    Re: Crowdstrike and world cyber attack

    From the sounds of things it wasn't a problem with Azure specifically, any Windows system running the faulty security product was potentially affected. If you are running Windows VMs on any cloud platform and had installed the faulty product you are likely to have been hit by this.

  4. #4

    Thread Starter
    King of sapila
    Join Date
    Oct 2006
    Location
    Greece
    Posts
    6,684

    Re: Crowdstrike and world cyber attack

    Yeah I'm talking about what could potentially happen when systems are merged and merged and merged, to big ones. For example if google was to be hacked.
    I have seen an Azure meltdown , it was for a day , last year? That Impacted us dearly as all our global services where down. Fortunately we don't keep the in house services on Azure so we did not have to fix anything after. We just waited like fools for Azure to recover looking left and right.
    ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
    πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·

  5. #5
    PowerPoster PlausiblyDamp's Avatar
    Join Date
    Dec 2016
    Location
    Pontypool, Wales
    Posts
    2,692

    Re: Crowdstrike and world cyber attack

    Quote Originally Posted by sapator View Post
    Yeah I'm talking about what could potentially happen when systems are merged and merged and merged, to big ones. For example if google was to be hacked.
    I have seen an Azure meltdown , it was for a day , last year? That Impacted us dearly as all our global services where down. Fortunately we don't keep the in house services on Azure so we did not have to fix anything after. We just waited like fools for Azure to recover looking left and right.
    Whenever I am discussing cloud architectures etc. with clients it is amazing just how much trust they have in a single provider. If everything is in one cloud then what happens if it goes down / offline (e.g. another DNS mess); people either just don't want to consider this, or assume the compensation due from the provider's SLAs will be sufficient (spoiler alert - it most certainly isn't covering anything like your potential losses.

    Any cloud hosted solution needs to consider DR, e.g. on-prem / alternate cloud provider. Just the same as a traditional on-prem environment needs to consider off-site recover / DR facilities.

    Then again people don't seem to be getting any cleverer when it comes to IT ....

  6. #6

    Thread Starter
    King of sapila
    Join Date
    Oct 2006
    Location
    Greece
    Posts
    6,684

    Re: Crowdstrike and world cyber attack

    You are correct but in my case it's "sort" of It fault.
    It was brought to us from the IT manager that talked with another company in the group that assured him that everything was going smooth as a babies buat. Me and the network engineers tried to say a few words to at least have a backup plan as in all of our data but it was an "I know it all and I know it now" decision. Currently we had the azure failure and a LOT of network restarts as Azure instances a falling down. When the security failed worldwide he was jumping up and down asking , are we OK?Are we OK? Talk about assurance.
    Also we have plains in 3 years to bring every major external provided app to the cloud. Ahh, we are going to have such a blast...
    ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
    πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·

  7. #7

    Thread Starter
    King of sapila
    Join Date
    Oct 2006
    Location
    Greece
    Posts
    6,684

    Re: Crowdstrike and world cyber attack

    And we've come to my words.
    Azure is down everywhere but in some lines.
    https://azure.status.microsoft/en-us/status
    Half of our sites are down. Minecraft is down! Minecraft! OMG!
    So...Go for a walk?
    ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
    πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·

  8. #8
    PowerPoster jdc2000's Avatar
    Join Date
    Oct 2001
    Location
    Idaho Falls, Idaho USA
    Posts
    2,429

    Re: Crowdstrike and world cyber attack

    Bottom line:

    If your data is only in "the cloud", you do not own or control it. You are entirely dependent on your service provider.

  9. #9
    Wall Poster TysonLPrice's Avatar
    Join Date
    Sep 2002
    Location
    Columbus, Ohio
    Posts
    3,894

    Re: Crowdstrike and world cyber attack

    Quote Originally Posted by jdc2000 View Post
    Bottom line:

    If your data is only in "the cloud", you do not own or control it. You are entirely dependent on your service provider.
    I think, you absolutely own and control your data "in the cloud" because you are paying for the service. If the service breaks down that is a separate issue and you would have recourse for that. You don't own or control anything to do with your phone service you pay for either. You are entirely dependent on your service provider. That is just the nature of it.

    I Lived in Tampa Florida and we lost power for three days and the UPS failed. At that point did we no longer control our data? Not until the power came on. Same concept to me.
    Last edited by TysonLPrice; Jul 30th, 2024 at 02:21 PM.
    Please remember next time...elections matter!

  10. #10

    Thread Starter
    King of sapila
    Join Date
    Oct 2006
    Location
    Greece
    Posts
    6,684

    Re: Crowdstrike and world cyber attack

    Yeah, well that is a part of the thread. For example if the hospital failed in the middle of and open surgery would the patient recover it's data after the hospital initialized? I would imagine not. And what would happen if azure gets hacked and all your data and backup data is erased? Granted those are hypothetical examples but seen a real example take place at the beginning of the thread and today I wouldn't just be relaxed. Today we where off for about 3-4 hours, with a very rough estimate we lost about 100.000 Euros that of course no azure will cover for. So it's not that simple.
    ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
    πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·

  11. #11
    Wall Poster TysonLPrice's Avatar
    Join Date
    Sep 2002
    Location
    Columbus, Ohio
    Posts
    3,894

    Re: Crowdstrike and world cyber attack

    There are lots of hypotheticals...a solar flare could bring down everything, a comet could darken the planet. But if you want to stay closer to "day to day" reality I think it is safe to say we own and control our data in "the cloud". I suppose if you unplugged from the internet you could say you own and control your data. But even an "air gap" is no guarantee, that is the nature of the technological world we live in.
    Last edited by TysonLPrice; Jul 31st, 2024 at 06:08 AM.
    Please remember next time...elections matter!

  12. #12

    Thread Starter
    King of sapila
    Join Date
    Oct 2006
    Location
    Greece
    Posts
    6,684

    Re: Crowdstrike and world cyber attack

    Well I can bet all my ownings that a data loss is guaranteed to be more possible than a solar flare or a comet
    ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
    πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·

  13. #13
    Wall Poster TysonLPrice's Avatar
    Join Date
    Sep 2002
    Location
    Columbus, Ohio
    Posts
    3,894

    Re: Crowdstrike and world cyber attack

    Another way you don't "own or control" your data is ransomware attacks. You don't need to be on the cloud for that to happen. You just have to pay to get the data and control back (unencrypted).
    Last edited by TysonLPrice; Jul 31st, 2024 at 10:25 AM.
    Please remember next time...elections matter!

  14. #14

    Thread Starter
    King of sapila
    Join Date
    Oct 2006
    Location
    Greece
    Posts
    6,684

    Re: Crowdstrike and world cyber attack

    That is up to you tho.
    If you don't firewall and antivirus your data, (or just us MS malware, same thing) you are asking for it. Also from current experience we are getting 10 times more attacks when we got to the cloud, at company level we only got one major from China the last 3 years and was blocked by the second firewall.
    ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
    πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·

  15. #15
    Wall Poster TysonLPrice's Avatar
    Join Date
    Sep 2002
    Location
    Columbus, Ohio
    Posts
    3,894

    Re: Crowdstrike and world cyber attack

    Quote Originally Posted by jdc2000 View Post
    Bottom line:

    If your data is only in "the cloud", you do not own or control it. You are entirely dependent on your service provider.
    My point with the other posts saying our data is not safe is there are many instances where is it is "entirely dependent on your service provider.". Whether it is because the provider was hacked, someone hacked in and corrupted it on your PC, hacked into a large system and encrypted it and is holding it for ransom, lengthy power outages, the phone lines die, China shoots down our satellites, or all the myriad of things that can prevent access. I wouldn't single out the cloud any more then all the other reasons you can lose data and control.
    Please remember next time...elections matter!

  16. #16

    Thread Starter
    King of sapila
    Join Date
    Oct 2006
    Location
    Greece
    Posts
    6,684

    Re: Crowdstrike and world cyber attack

    That is valid but again, it depends.
    Previously when we lost our internet provider we did not have websites but data was there to manipulate. Also we could switch to our second internet provider and have websites continue. That has happened tenths of times so it's very valid to happen. Also if we where stupid enough to not backup our data or the building got on fire or a meteors strike, that effected entirely our company and a few others that we supported, not the world.
    So if you have asked me before we went Azure what was my opinion I would be skeptic but not completely against , now... Also i forgot to mention we had email on azure previously. Outlook was working flawlessly for years, now when the machine breaks down we break down, let alone that graph (the azure email) is one of the hardest things I had to code, if I wanted pre 2012 server compatibility. Anyone worked with graph using http style would feel my pain. Also the damn thing is falling at least once a month. Our exchange failed once per 10 years.
    Last edited by sapator; Jul 31st, 2024 at 01:47 PM.
    ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
    πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·

  17. #17
    PowerPoster
    Join Date
    Sep 2005
    Location
    Modesto, Ca.
    Posts
    5,251

    Re: Crowdstrike and world cyber attack

    I never have understood the ransomware people,

    https://apnews.com/article/blood-cen...ad30acee116893

    I know they do it to make money but I'd be so guilt ridden that no amount of money would make life enjoyable. If you got the skills to create ransomware there has to be other ways you can make money.

  18. #18

    Thread Starter
    King of sapila
    Join Date
    Oct 2006
    Location
    Greece
    Posts
    6,684

    Re: Crowdstrike and world cyber attack

    I don't either but some have "turned" and are now working for cyber security companies. So some are just "showing off" to get a good job. I believe there was a documentary of ex hackers talking about it somewhere.
    ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
    πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·

  19. #19
    Wall Poster TysonLPrice's Avatar
    Join Date
    Sep 2002
    Location
    Columbus, Ohio
    Posts
    3,894

    Re: Crowdstrike and world cyber attack

    Quote Originally Posted by wes4dbt View Post
    I never have understood the ransomware people,

    https://apnews.com/article/blood-cen...ad30acee116893

    I know they do it to make money but I'd be so guilt ridden that no amount of money would make life enjoyable. If you got the skills to create ransomware there has to be other ways you can make money.
    They probably are laughing all the way to the bank...
    Please remember next time...elections matter!

  20. #20
    New Member
    Join Date
    Jul 2022
    Posts
    10

    Re: Crowdstrike and world cyber attack

    Man, CrowdStrike are going to have so many lawsuits on their asses. Some of them are already in process, as this law firm mentions.
    Last edited by build; Sep 9th, 2024 at 02:58 AM.

  21. #21
    Wall Poster TysonLPrice's Avatar
    Join Date
    Sep 2002
    Location
    Columbus, Ohio
    Posts
    3,894

    Re: Crowdstrike and world cyber attack

    Quote Originally Posted by build View Post
    Man, CrowdStrike are going to have so many lawsuits on their asses.
    The overall consensus among legal experts is that CrowdStrike is likely protected by its terms and conditions from reimbursing customers for more than they paid for the product, limiting its software liability. But that isn't stopping them from being filed. If you work from home and the internet goes down can you sue for lost work? Maybe for the time you didn't have internet access, pennies on the dollars, but not lost wages.
    Please remember next time...elections matter!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width