a person using a laptop

Media / Blog

Lessons from the CrowdStrike Incident: Enhancing Your Cybersecurity and Data Protection

Prev

How Does a Car Accident Affect You Financially?

July 21, 2024

The CrowdStrike update fiasco, a stark reminder of our digital world's fragility, shook even the most secure cyber landscapes. This event, while not a result of a cyberattack, highlighted the unpredictable nature of our interconnected systems and the vulnerabilities within critical infrastructure. Cybercriminals often exploit such disruptions, posing as saviors while planning malicious activities. This article will dive into the CrowdStrike update issue, explore various cybersecurity threats, and offer practical advice on safeguarding your data.

What Happened: The CrowdStrike Update Breakdown

CrowdStrike, a renowned name in cybersecurity, released an update that unintentionally led to major disruptions. This faulty update triggered system failures and heightened vulnerabilities, impacting numerous users and organizations. Reports indicate that the update's failure resulted in several critical issues, including service outages and increased exposure to cyber threats. Airlines, government entities, 911 lines in some states, banks, hospitals, and millions of Windows device users were affected.

It's easy to see why some might have mistaken this outage for a cyberattack. Sudden outages, blue screens at airports, office computers filled with error messages—chaos and confusion reigned. Social media was rife with misinformation, incorrectly flagging trending topics like "cyberattack." It's important to remember that if something seems too alarming or sensational, you should verify the accuracy of the information through official news sources.

Impact on Users and Organizations

The Cybersecurity and Infrastructure Security Agency (CISA) attributed the outages to the faulty CrowdStrike update, confirming that the issue was not a cyberattack. However, CISA did note that "threat actors are taking advantage of this incident for phishing and other malicious activities."

Malicious actors thrive in confusion and chaos, seizing opportunities to conduct cyberattacks. They may pretend to offer help during such IT outages to steal access to your accounts, obtain passwords, hack confidential data, and more.

Lessons Learned from the Incident

The CrowdStrike update disruption had widespread ramifications. Many organizations faced operational challenges and potential security risks during the period of vulnerability. Users dependent on CrowdStrike's services experienced interruptions that could have exposed them to cyber threats. Although bad updates are inevitable, their consequences don't have to be disastrous. Organizations need to plan for these disruptions and prioritize business continuity. Having contingency plans in place is crucial for effectively managing and mitigating the impact of such incidents.

Understanding Cybersecurity Threats

Types of Cybersecurity Threats

  1. Malware: Malicious software designed to harm or exploit systems. Examples include viruses, worms, and spyware.
  2. Phishing: Deceptive attempts to obtain sensitive information by pretending to be a trustworthy entity. Phishing attacks often come via email, tricking users into providing personal details.
  3. Ransomware: A type of malware that encrypts a user's files and demands payment to restore access. Ransomware attacks can paralyze operations and result in significant financial losses.
Common Vulnerabilities

Common vulnerabilities include outdated software, weak passwords, and unpatched security flaws. Regular software updates and using strong, unique passwords can help mitigate these risks.

Personal Data Protection

Importance of Backing Up Data

Data backup is essential for protecting against data loss due to cyberattacks, system failures, or other issues. Regular backups ensure that even if data is compromised, a copy is available for recovery.

Methods of Data Backup

  1. Cloud Storage: Offers off-site backups accessible from anywhere with an internet connection. Services like Google Drive and Dropbox provide reliable cloud storage solutions.
  2. External Hard Drives: Provide a physical backup solution for storing large amounts of data securely.
  3. Network Attached Storage (NAS): Centralizes data storage across a network, allowing multiple users to access and back up data efficiently.

Cybersecurity Best Practices

Strong Passwords

Using complex, unique passwords for different accounts can significantly reduce the risk of unauthorized access. Password managers can help generate and store secure passwords.

Multi-Factor Authentication (MFA)

MFA adds an extra layer of security by requiring multiple forms of verification, such as a password and a fingerprint or text message code. This makes it more challenging for unauthorized users to access your accounts.

Regular Software Updates

Keeping software up-to-date is crucial for patching security vulnerabilities. Regular updates ensure that your systems are protected against the latest threats.

Secure Wi-Fi Connections

Using encrypted Wi-Fi connections helps prevent unauthorized access to your network. Ensure your router uses WPA3 encryption for the best security.

Advanced Security Measures

Firewalls

Firewalls monitor and control network traffic based on predetermined security rules. They help block unauthorized access while permitting legitimate communication.

Antivirus and Anti-Malware Software

These tools detect and remove malicious software, providing an additional layer of defense against cyber threats.

Virtual Private Networks (VPNs)

VPNs encrypt your internet connection, ensuring that your online activities remain private and secure from prying eyes.

Encryption

Encryption converts data into a secure format that is unreadable to unauthorized users. This is essential for protecting sensitive information.

Identifying and Responding to Threats

Signs of a Potential Cyber Threat

Signs of a cyber threat include unusual system activity, slow performance, and unexpected pop-ups. Being vigilant and monitoring your systems regularly can help detect potential threats early.

Steps to Take if Compromised

If you suspect a security breach, immediately change your passwords, enable MFA, and monitor your accounts for any unusual activity. Conduct a thorough investigation to understand the extent of the breach.

Importance of Incident Response Plans

An incident response plan outlines the steps to take in the event of a security breach. Having a well-defined plan ensures a quick and effective response, minimizing damage and restoring normal operations.

Conclusion: Strengthening Cybersecurity in a Fragile Digital World

The CrowdStrike update incident underscores the importance of robust cybersecurity measures. By implementing best practices, staying vigilant, and continually improving your security posture, you can protect your personal and organizational data from cyber threats. Don't wait for a breach to occur—take proactive steps today to ensure your cybersecurity defenses are strong.

Next

The Impact of Inflation on American Birth Rates

About the author

Guest Author

Securities offered through Kestra Investment Services, LLC (Kestra IS), member FINRA/SIPC. Investment advisory services offered through Kestra Advisory Services, LLC (Kestra AS), an affiliate of Kestra IS. oXYGen Financial is not affiliated with Kestra IS or Kestra AS. Kestra IS and Kestra AS do not provide tax or legal advice.

Investor Disclosures: https://bit.ly/KF-Disclosures

The opinions expressed in this commentary are those of the author and may not necessarily reflect those held by Kestra Investment Services, LLC or Kestra Advisory Services, LLC. This is for general information only and is not intended to provide specific investment advice or recommendations for any individual. It is suggested that you consult your financial professional, attorney, or tax advisor with regard to your individual situation.

Sign Up

Sign up for our exclusive Sunday Paper with a weekly market commentary, insightful personal finance blogs, and life changing education guides.

Email sign up

Securities offered through Kestra Investment Services, LLC (Kestra IS), member FINRA/SIPC. Investment advisory services offered through Kestra Advisory Services, LLC (Kestra AS), an affiliate of Kestra IS. oXYGen Financial is not affiliated with Kestra IS or Kestra AS. Kestra IS and Kestra AS do not provide tax or legal advice. https://Bit.ly/KF-Disclosures

This site is published for residents of the United States only. Registered Representatives of Kestra IS and Investment Advisor Representatives of Kestra AS may only conduct business with residents of the states and jurisdictions in which they are properly registered. Therefore, a response to a request for information may be delayed. Not all products and services referenced on this site are available in every state and through every representative or advisor listed. For additional information, please contact Kestra IS Compliance Department at 844-553-7872.

PLEASE NOTE: The information being provided is strictly as a courtesy. When you link to any of the web sites provided here, you are leaving this web site. Kestra IS and Kestra AS makes no representation as to the completeness or accuracy of information provided at these web sites. Nor is Kestra IS and Kestra AS liable for any direct or indirect technical or system issues or any consequences arising out of your access to or your use of third-party technologies, web sites, information and programs made available through this web site. When you access one of these web sites, you are leaving our web site and assume total responsibility and risk for your use of the web sites you are linking to.