Software Update Failure and its effect on your business.

Your business was probably not seriously affected by the recent CrowdStrike outage. However, there are a few lessons to be learned from the event.

CrowdStrike is a leading independent cybersecurity company with a large number of corporate users. The software update they issued in July 24 contained a corrupted file which affected Windows systems, in that they either wouldn’t start or were suck in the “blue screen of death” (BSOD) situation.  This resulted in widescale outages that were widely reported in the news. While a resolution was quickly issued the turmoil for some businesses continued for several days.

So, this was not a Windows issue per-se nor was it a Cyber Security issue it was a software application fault.

So, could something like this happen to your business?  Well yes it could. The question you should consider is what would you do about it?

Your IT team should be the first port of call and if you have engaged with them to manage system updates and maintenance then they, like our team here at Flex IT, will have policies in place to deal with system and software updates.

If you are ever affected by a serious malfunction from a software update, it is crucial to stay calm and vigilant. Cybercriminals often exploit such situations to launch phishing attacks.

Make sure any remedial actions taken are from reputable sources. The best source is your IT Partner.

Warn employees to be cautious when engaging with unfamiliar IT support or help desks. Cybercriminals may attempt to exploit the incident by requesting funds to unlock endpoints, remote access, or login details to install recovery software.

Always use secondary, unique methods of authentication to verify the identity of the support personnel. The best course of action is to contact your trusted IT support company directly.

If you are affected by a Cyber Incident  and you have cyber insurance (we highly recommend you do), it is advisable to consult with your insurance broker immediately and notify them if you have been impacted by the outage. Early notification is crucial as it allows your insurer to engage appropriate vendors and ensure that all coverage conditions are met. Record all expenses, invoices, and costs incurred while addressing the problem, as these will be considered in your Business Interruption and Extra Expense calculation.

It’s important to note that cyber policies primarily respond to malicious cyber-attacks. Since the CrowdStrike outage was caused by a software error, it may not be covered under some cyber insurance policies. It’s always good to discuss the specifics with your insurer to understand your coverage better.

We highly recommend that your business obtains a Cyber Essentials accreditation so that you can be confident that your business information and operation are well protected. We have guided several business through the process and can help your business, you can find out more here – https://www.flex.co.uk/it-solutions/it-security-oxfordshire or give us a call.

If you have any further questions or need additional support, please do not hesitate to contact our support team at Flex IT.

Flex Information Technology Ltd.  –  www.flex.co.uk

0333 101 7300         support@flex.co.uk