-
Jul 21st, 2024, 05:27 AM
#1
Crowdstrike and world cyber attack
There is a topic but it's in a dark corner on the forums so I don't think people noticed it.
So what are your thoughts? Is using global data center systems worth the risk? Meaning the risk of not having transportation, banks, hospitals etc.?
Actually we have azure at work but we did not see this in action, it did not affect us.
Also, was this a big test disguised as an error? Not saying, just asking, or is it an innocent "error"? Klaus talked about it a few years ago and when Klaus talks...
My initial thought is that we are risking a lot just putting our heads in the ground and hoping nothing would happen. Well..
The incident clearly showed there was not a backup solution even if there should be one in theory. What if in the near future, as everything zipping into a few global centers becomes more and more common, something similar happens? And what if people take advantage to do their evil deeds? So is this moving forward or moving backward, as global data holding is not like it's the innovation of the century. From our part we are having more trouble than benefits with Azure. The only one might be not having to preserve servers. But we pay for them "invisibly".
ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·
-
Jul 22nd, 2024, 03:39 AM
#2
Re: Crowdstrike and world cyber attack
You could also say it was a hiccup in a massively complex system that was fixed relatively quickly. I've pushed out a "stinker" or two.
Please remember next time...elections matter!
-
Jul 22nd, 2024, 03:49 AM
#3
Re: Crowdstrike and world cyber attack
From the sounds of things it wasn't a problem with Azure specifically, any Windows system running the faulty security product was potentially affected. If you are running Windows VMs on any cloud platform and had installed the faulty product you are likely to have been hit by this.
-
Jul 22nd, 2024, 04:40 AM
#4
Re: Crowdstrike and world cyber attack
Yeah, I'm talking about what could potentially happen when systems are merged and merged and merged, into big ones. For example if Google was to be hacked.
I have seen an Azure meltdown, it was for a day, last year? That impacted us dearly as all our global services were down. Fortunately we don't keep the in-house services on Azure so we did not have to fix anything after. We just waited like fools for Azure to recover, looking left and right.
ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·
-
Jul 22nd, 2024, 06:10 AM
#5
Re: Crowdstrike and world cyber attack
Originally Posted by sapator
Yeah, I'm talking about what could potentially happen when systems are merged and merged and merged, into big ones. For example if Google was to be hacked.
I have seen an Azure meltdown, it was for a day, last year? That impacted us dearly as all our global services were down. Fortunately we don't keep the in-house services on Azure so we did not have to fix anything after. We just waited like fools for Azure to recover, looking left and right.
Whenever I am discussing cloud architectures etc. with clients it is amazing just how much trust they have in a single provider. If everything is in one cloud then what happens if it goes down / offline (e.g. another DNS mess); people either just don't want to consider this, or assume the compensation due from the provider's SLAs will be sufficient (spoiler alert - it most certainly isn't covering anything like your potential losses).
Any cloud hosted solution needs to consider DR, e.g. on-prem / alternate cloud provider. Just the same as a traditional on-prem environment needs to consider off-site recovery / DR facilities.
Then again people don't seem to be getting any cleverer when it comes to IT ....
-
Jul 22nd, 2024, 01:28 PM
#6
Re: Crowdstrike and world cyber attack
You are correct but in my case it's "sort" of IT's fault.
It was brought to us from the IT manager that talked with another company in the group that assured him that everything was going smooth as a baby's butt. Me and the network engineers tried to say a few words to at least have a backup plan as in all of our data but it was an "I know it all and I know it now" decision. Currently we had the Azure failure and a LOT of network restarts as Azure instances are falling down. When the security failed worldwide he was jumping up and down asking, are we OK? Are we OK? Talk about assurance.
Also we have plans in 3 years to bring every major external provided app to the cloud. Ahh, we are going to have such a blast...
ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·
-
Jul 30th, 2024, 08:56 AM
#7
Re: Crowdstrike and world cyber attack
And we've come to my words.
Azure is down everywhere but in some lines.
https://azure.status.microsoft/en-us/status
Half of our sites are down. Minecraft is down! Minecraft! OMG!
So...Go for a walk?
ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·
-
Jul 30th, 2024, 10:21 AM
#8
Re: Crowdstrike and world cyber attack
Bottom line:
If your data is only in "the cloud", you do not own or control it. You are entirely dependent on your service provider.
-
Jul 30th, 2024, 12:32 PM
#9
Re: Crowdstrike and world cyber attack
Originally Posted by jdc2000
Bottom line:
If your data is only in "the cloud", you do not own or control it. You are entirely dependent on your service provider.
I think you absolutely own and control your data "in the cloud" because you are paying for the service. If the service breaks down that is a separate issue and you would have recourse for that. You don't own or control anything to do with your phone service you pay for either. You are entirely dependent on your service provider. That is just the nature of it.
I lived in Tampa, Florida and we lost power for three days and the UPS failed. At that point did we no longer control our data? Not until the power came on. Same concept to me.
Last edited by TysonLPrice; Jul 30th, 2024 at 02:21 PM.
Please remember next time...elections matter!
-
Jul 30th, 2024, 04:18 PM
#10
Re: Crowdstrike and world cyber attack
Yeah, well that is a part of the thread. For example if the hospital failed in the middle of an open surgery would the patient recover its data after the hospital initialized? I would imagine not. And what would happen if Azure gets hacked and all your data and backup data is erased? Granted those are hypothetical examples but having seen a real example take place at the beginning of the thread and today I wouldn't just be relaxed. Today we were off for about 3-4 hours, with a very rough estimate we lost about 100.000 Euros that of course no Azure will cover for. So it's not that simple.
ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·
-
Jul 31st, 2024, 03:30 AM
#11
Re: Crowdstrike and world cyber attack
There are lots of hypotheticals...a solar flare could bring down everything, a comet could darken the planet. But if you want to stay closer to "day to day" reality I think it is safe to say we own and control our data in "the cloud". I suppose if you unplugged from the internet you could say you own and control your data. But even an "air gap" is no guarantee, that is the nature of the technological world we live in.
Last edited by TysonLPrice; Jul 31st, 2024 at 06:08 AM.
Please remember next time...elections matter!
-
Jul 31st, 2024, 07:38 AM
#12
Re: Crowdstrike and world cyber attack
Well I can bet all my ownings that a data loss is guaranteed to be more possible than a solar flare or a comet
ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·
-
Jul 31st, 2024, 09:44 AM
#13
Re: Crowdstrike and world cyber attack
Another way you don't "own or control" your data is ransomware attacks. You don't need to be on the cloud for that to happen. You just have to pay to get the data and control back (unencrypted).
Last edited by TysonLPrice; Jul 31st, 2024 at 10:25 AM.
Please remember next time...elections matter!
-
Jul 31st, 2024, 11:08 AM
#14
Re: Crowdstrike and world cyber attack
That is up to you tho.
If you don't firewall and antivirus your data (or just use MS malware, same thing) you are asking for it. Also from current experience we are getting 10 times more attacks when we got to the cloud, at company level we only got one major from China the last 3 years and was blocked by the second firewall.
ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·
-
Jul 31st, 2024, 12:27 PM
#15
Re: Crowdstrike and world cyber attack
Originally Posted by jdc2000
Bottom line:
If your data is only in "the cloud", you do not own or control it. You are entirely dependent on your service provider.
My point with the other posts saying our data is not safe is there are many instances where it is "entirely dependent on your service provider". Whether it is because the provider was hacked, someone hacked in and corrupted it on your PC, hacked into a large system and encrypted it and is holding it for ransom, lengthy power outages, the phone lines die, China shoots down our satellites, or all the myriad of things that can prevent access. I wouldn't single out the cloud any more than all the other reasons you can lose data and control.
Please remember next time...elections matter!
-
Jul 31st, 2024, 01:18 PM
#16
Re: Crowdstrike and world cyber attack
That is valid but again, it depends.
Previously when we lost our internet provider we did not have websites but data was there to manipulate. Also we could switch to our second internet provider and have websites continue. That has happened tens of times so it's very valid to happen. Also if we were stupid enough to not backup our data or the building got on fire or a meteor strike, that affected entirely our company and a few others that we supported, not the world.
So if you have asked me before we went Azure what was my opinion I would be skeptical but not completely against, now... Also I forgot to mention we had email on Azure previously. Outlook was working flawlessly for years, now when the machine breaks down we break down, let alone that Graph (the Azure email) is one of the hardest things I had to code, if I wanted pre 2012 server compatibility. Anyone who worked with Graph using HTTP style would feel my pain. Also the damn thing is falling at least once a month. Our Exchange failed once per 10 years.
Last edited by sapator; Jul 31st, 2024 at 01:47 PM.
ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·
-
Jul 31st, 2024, 03:08 PM
#17
Re: Crowdstrike and world cyber attack
I never have understood the ransomware people,
https://apnews.com/article/blood-cen...ad30acee116893
I know they do it to make money but I'd be so guilt ridden that no amount of money would make life enjoyable. If you got the skills to create ransomware there has to be other ways you can make money.
-
Jul 31st, 2024, 03:48 PM
#18
Re: Crowdstrike and world cyber attack
I don't either but some have "turned" and are now working for cyber security companies. So some are just "showing off" to get a good job. I believe there was a documentary of ex hackers talking about it somewhere.
ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·
-
Aug 1st, 2024, 03:35 AM
#19
Re: Crowdstrike and world cyber attack
Originally Posted by wes4dbt
I never have understood the ransomware people,
https://apnews.com/article/blood-cen...ad30acee116893
I know they do it to make money but I'd be so guilt ridden that no amount of money would make life enjoyable. If you got the skills to create ransomware there has to be other ways you can make money.
They probably are laughing all the way to the bank...
Please remember next time...elections matter!
-
Sep 5th, 2024, 04:19 AM
#20
New Member
Re: Crowdstrike and world cyber attack
Man, CrowdStrike are going to have so many lawsuits on their asses. Some of them are already in process, as this law firm mentions.
Last edited by Shaggy Hiker; Oct 7th, 2024 at 04:03 PM.
-
Sep 5th, 2024, 05:05 AM
#21
Re: Crowdstrike and world cyber attack
Originally Posted by build
Man, CrowdStrike are going to have so many lawsuits on their asses.
The overall consensus among legal experts is that CrowdStrike is likely protected by its terms and conditions from reimbursing customers for more than they paid for the product, limiting its software liability. But that isn't stopping them from being filed. If you work from home and the internet goes down can you sue for lost work? Maybe for the time you didn't have internet access, pennies on the dollars, but not lost wages.
Please remember next time...elections matter!
-
Oct 7th, 2024, 11:22 AM
#22
Re: Crowdstrike and world cyber attack
So several sites linked to Azure were compromised in the company on Friday.
Sites that were not linked did not experience anything. Several sites were deleted from Azure and we had a lot of fun restoring them.
So now that I actually have examples of big company experience I can highly recommend Azure.
Here are some reasons:
Almost unhackable, almost. With the addition of some minor hack before, we get hacked once every 6-8 months. Not a bad ratio.
Cheap. We only pay 5000 Euros per month, mostly on logs. We are struggling with communication to lower the logs for 2 months now, eventually we will get there. MS is very helpful and fast.
Someone should say that with that kind of money we could get 10 good servers per year but that is just badmouthing.
Stable. I experience only periodic non-responsive email client once every week. You could compare with our Exchange that broke once 5-6 years ago but that again would be badmouthing.
Not easy to hack. There were hacking signs 1 month ago, we changed all our passwords, removed all cookie data from browsers etc., took a LOT of effort to hack us in one month.
Correct setting. The hacked accounts were not admin and had no privileges on removing sites but they removed sites anyhow. That is the beauty of the unexpected.
And finally fast logging. We get the logs 15 minutes after so it's almost live. That is great, anyone has a 15 minute head start but that trains us to be fast and furious!!
So all in all I highly recommend Azure. Go get your subscription today!
If I think of anything positive that I forgot I will write it.
ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·
-
Oct 7th, 2024, 04:07 PM
#23
Re: Crowdstrike and world cyber attack
I can't say anything about hacking Azure, but after a few months of experience, I'm about as complimentary regarding their UI. There's a whole lot there, and they help you exercise your blood pressure while finding it.
My usual boring signature: Nothing
-
Oct 7th, 2024, 05:29 PM
#24
Re: Crowdstrike and world cyber attack
Just for grins I "Googled" if Azure has been hacked. The answer is yes but from mainly, at least recently, physical attacks:
For the first time in the history of Microsoft, a cyberattack has left hundreds of executive accounts compromised and caused a major user data leak as Microsoft Azure was attacked. According to Proofpoint, the hackers use the malicious techniques that were discovered in November 2023
Hard to blame that on the software. Here is what I saw on other attacks hacks:
Microsoft Azure has been hacked multiple times, including in:
February 2024: Hackers gained access to executive accounts, stealing critical user data, sensitive emails, and internal passwords. The breach exposed vulnerabilities and emphasized the importance of strong security measures.
November 2023: Hackers used a malicious campaign that combined phishing methods with cloud account takeover (CTO) to steal credentials.
August 2021: Thousands of Microsoft Azure customer accounts and databases were exposed.
Please remember next time...elections matter!
-
Oct 8th, 2024, 03:27 AM
#25
Re: Crowdstrike and world cyber attack
I forgot an important aspect.
The attacks were initiated from India and China (xiaomiao!?) but they were targeting a Greek IP group. Why on earth, if Azure sees a continuous request from another continent again and again (because that is what was happening), does it not just reset the token of the local source?
If the token was reset nothing would have happened.
Also the attacks vs Azure security seem to be going parallel. More security, more attacks. The issue is that the hackers do not really care for a specific company, they compromise Azure and whoever is in the way gets some.
ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ
πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν·
-
Oct 8th, 2024, 12:38 PM
#26
Re: Crowdstrike and world cyber attack
I would say that hackers either go after high value targets, or popular targets. High value would be either lucrative tech businesses or government, though organizations that will pay a ransom, such as hospitals, are also valuable for certain types of hackers. Popular would mean just going after whatever is used widely and hope to find something of interest.
My usual boring signature: Nothing