On Friday, the world experienced what many have called the largest IT outage in history, with 8.5 million Windows computers crashing and failing to restart.
The culprit was a bug triggered by an automatic update for a piece of software that, until Friday, was largely unknown outside cybersecurity circles: CrowdStrike’s Falcon.
Falcon is a type of software known as “endpoint detection and response” (EDR). It’s akin to an antivirus on steroids, monitoring computers for signs of cyberattacks. It collects data on files opened, programs run, websites visited, and more, making it highly privileged software. When an employee accidentally opens a malicious email attachment, Falcon is watching—ever vigilant.
EDR programs are considered best practice and are recommended by the Australian government’s chief cyber defence agency.
This means that in 2024, the top strategy recommended by cybersecurity experts involves software that monitors everything happening on our computers.
How did we reach this point, and is there a better way forward?