4 comments

[ 3.1 ms ] story [ 17.5 ms ] thread
That percentage is possibly far too low and misleading. Most Windows devices, like all those home PCs, do not use Cloudstrike. What is important was the % of servers it took out that were using Cloudstrike. Each of those servers might have been serving dozens or hundreds of Windows PCs.
That's why it's correct. It didn't say 1% of business users. It said 1% of all PCs, including home ones.

The problem with CrowdStrike is that it's old software based on an outdated idea (blacklisting). Attempting to update their blacklist file caused the interpreter to crash. A security system based on whitelists doesn't have a blacklist that updates itself remotely and therefore can't have this problem.

The second issue is with over reliance on SaaS. When you outsource everything to 10 vendors, you lose in-house understanding and control over your tools. It also leads to aggregation and mini monopolies in SaaS vendors when they buy or kill each other. The fact that so many aviation businesses relied on a single vendor shows the risks.

One percent of a several billion machines is still several tens of million machines.

And what do you think -- is corporate antivirus more likely to be running on inconsequential consumer laptops, or on corporate servers...?

Tens of millions of servers going off-line is, as we saw, a recipe for chaos. I don't know if that headline was supposed to be calming, but either way: It wasn't.