CrowdStrike Outage Fallout, North Korean Hacks Cyber Firm, Digital Twins, Cloud Security

[00:00:00] It's Thursday, July 25th, 2024, and I'm Dave Sobel. Three things to know today. CrowdStrike's crash cost billions, aviation disruptions, congressional hearings, and new testing policies. Identity theft and AI, how a North Korean hacker infiltrated a cybersecurity firm, and

[00:00:21] strategic AI integration, digital twins, scenario planning, and evolving cloud security models for future success. is the business of tech. CrowdStrike has released an initial analysis of what happened in a blog post. On Friday, July 19th, 2024, CrowdStrike released a content configuration update for the Windows

[00:00:44] Sensor that resulted in a system crash. The issue was caused by a bug in the Content Validator which allowed problematic content to be deployed. To prevent this from happening again, CrowdStrike plans to improve content testing, add validation checks, enhance error handling, and implement a staggered deployment strategy.

[00:01:08] Impacted hosts can be remediated by rebooting or using recovery ISOs. CrowdStrike will release a root cause analysis once the investigation is complete. We also learned that CrowdStrike's failed software update was live for only 78 minutes.

[00:01:25] The fallout continues as Delta Airlines spent a good portion of the week still catching up. The Department of Transportation is investigating Delta's handling of passengers after the carrier's slow recovery resulted in over 5,000 flight cancellations. The computer outages heavily affected Delta's key crew management system, leading to those

[00:01:46] ongoing disruptions. Congress too is expected to get involved, with lawmakers calling for high-profile hearings to examine the outages. Representative Mark Green is urging the CrowdStrike CEO to testify about the recent global outage. And according to a report by Parametrics, the CrowdStrike IT outage cost Fortune 500

[00:02:08] companies an estimated $5.4 billion. The aviation, healthcare, and banking sectors are expected to suffer the largest financial losses. The outage impacted one in four Fortune 500 companies. CrowdStrike offered partners a $10 Uber Eats gift card as an apology for the recent global computer crash caused by that update.

[00:02:32] The gift card was sent to express gratitude for the additional work caused by the incident. However, some recipients reported that the voucher was canceled when they tried to redeem it. CrowdStrike confirmed sending the gift cards and explained that Uber flagged them as fraud due to high usage rates.

[00:02:50] So who will pay for the outage? Sky News reports how it's difficult to determine the extent of the losses and prove that they were a direct result of the outage. There's an expectation that CrowdStrike will be covered by insurance.

[00:03:04] The aviation industry is expected to face significant losses, but claiming compensation may not be straightforward. Financial services may also face compensation claims. The economic consequences of the outage are uncertain, but there may be an increase in spending on IT continuity preparation.

[00:03:23] CNN has a similar article noting legal protections in customer contracts may shield the company from liability. The reputational damage from the incident may make it difficult for CrowdStrike to retain existing customers and attract new ones.

[00:03:38] And to end on a high note, the Washington Post highlighted how the outage turned IT technicians into heroes as they worked tirelessly to restore systems and prevent chaos. IT workers spent long hours fixing systems and ensuring operations were back to normal.

[00:03:54] The coverage highlighted the importance of IT workers and the need for robust communication procedures and contingency plans in case of future outages. Why do we care? I think there are two areas to focus on. First, CrowdStrike is implementing policies for testing that should already exist, particularly

[00:04:13] that staggered deployment. Take that lesson away. Staggered deployments. Second, now we're into the consequences. I'm skeptical of CrowdStrike's real reputational damage. This has been thrown around for a long time as a consequence, and I'm increasingly less convinced. The way that happens is a quality improvement of competitors.

[00:04:36] If other software becomes more reliable, then vendors have to respond. Since software quality has been the theme I've highlighted this week, we'll see. I'm actually expecting those compensation claims to be simply absorbed as the cost of doing business.

[00:04:55] Trinity Cyber brings MSPs a revolutionary new capability to grow your business and improve your margins. Trinity Cyber's world-class threat analysis team works 24-7 to deeply inspect customer traffic in context. Trinity Cyber stops threats before they even enter your clients' networks, and they do

[00:05:17] the hunting and event triaging to save you money. Here's what Wayne Porter, owner of MSP Allegheny Computer Services, has to say. Trinity Cyber is a true game changer for MSPs. It's more affordable. It provides fewer false positives. And it costs less.

[00:05:37] Let their threat intelligence experts work for you around the clock to reduce your workload. Visit trinitycyber.com slash msp4 to learn about their discounted MSP pricing options. Cybersecurity firm Knowbe4 discovered that a remote worker hired as a software engineer

[00:05:58] was actually a North Korean threat actor using a stolen identity. The actor used a valid identity and an AI-generated stock image to devoid detection. Knowbe4's internal investigation revealed suspicious activities, including loading malware onto the worker's laptop.

[00:06:16] The company concluded that the worker was a fictional persona operating from North Korea. No illegal access or data loss occurred. The incident highlights the need for more robust vetting processes and continuous security monitoring. Why do we care?

[00:06:32] No kidding it shows off the need for vetting and continuous monitoring. It's another attack vector I wanted to highlight. Time for some weekend big ideas. Axios with an article discussing the concept of digital twins, which are virtual likenesses of humans or objects used for research.

[00:06:53] Tech companies believe that digital twin technology can unlock the potential of AI by making copies of our psychologies, personalities, and surrounding objects. The market for digital twins is predicted to grow significantly with the healthcare industry driving its growth.

[00:07:09] LinkedIn co-founder Reid Hoffman has created his own digital twin, Reid AI, using custom AI models. The article highlights the potential applications of digital twins in various industries and emphasizes their everyday utility in personalized healthcare and other statistics-heavy applications.

[00:07:29] One useful thing with the need for organizations to consider the possibility of continued AI improvement in their strategic planning. While there is uncertainty about the future of AI, many insiders believe that achieving artificial general intelligence or AGI is possible in the near term.

[00:07:47] The article emphasizes the importance of planning for multiple contingencies and highlights the current capabilities of AI systems. It also suggests using scenario planning techniques to explore different future possibilities and make informed decisions. And Runtime examines the sagging shared responsibility model.

[00:08:08] The shared responsibility model in cloud computing security faces challenges in the modern security environment. Some providers need to do more to protect their customers, as sophisticated threats and automated attacks are straining the old model. While customers are responsible for securing access to their accounts, security experts

[00:08:27] argue that cloud providers should take on more responsibility. This may require vendors to accept more friction in the user experience and provide easier ways for customers to detect anomalous activity. Turning security into a competitive advantage could drive industry-wide improvements. Why do we care? Sometimes friction is good.

[00:08:51] Reminding you about security is one of those good friction points. It's worth reexamining the shared responsibility model as threats become more complicated. I'm not one to sign on to AGI being here soon. The article's big takeaway for me is adding AI into your strategic planning process, both

[00:09:10] for you and your customers. Throw in a little digital twin planning too. Thanks for listening. It's National Chili Dog Day, National Hot Fudge Sunday Day, and National Wine and Cheese Day. With dinner sorted, enjoy it with red shoes on International Red Shoe Day. I'll be off tomorrow.

[00:09:33] There'll be a copy of the live episode for those of you on the podcast feed and an interview episode on Sunday with me back on Monday. If you have a question you want answered, I take those, send them in at question at MSBRadio.com.

[00:09:46] I answer those Lister questions live each week on the Wednesday live show on YouTube and LinkedIn 3 p.m. Eastern. And if you like the show, share it with a friend, make sure you're following on your favorite platform and give a good review.

[00:10:01] I will talk to you again on Monday. The Business of Tech is written and produced by me, Dave Sobel, under ethics guidelines, posted at businessof.tech. If you like the content, please make sure to hit that like button, follow or subscribe.

[00:10:17] It's free and easy and the best way to support the show and help us grow. You can also check out our Patreon where you can join the Business of Tech community at patreon.com.msbradio or buy our Why Do We Care merch at businessof.tech.

[00:10:34] Finally, if you're interested in advertising on the show, visit msbradio.com. Once again, thanks for listening to me. I'll talk to you again on our next episode of the Business of Tech. Part of the MSP radio network.