The world suffered what many have described as the largest IT outage in history when 8.5 million Windows computers crashed and wouldn’t restart.
The cause was a bug triggered by an automatic update for a piece of software that, until Friday, nobody beyond cyber security nerds had heard of: CrowdStrike’s Falcon.
CrowdStrike Falcon is a type of software known as “endpoint detection and response,” or EDR for short. It’s somewhat like an anti-virus on steroids. When installed, Falcon monitors a computer for signs of cyber attacks.
It can collect data about what files you open, what programs you run, what websites you visit, and so on. This makes it highly privileged software. When an employee accidentally opens a malicious email attachment, Falcon is watching — eternally vigilant.
EDR programs are considered best practice, recommended by the Australian government’s chief cyber defense agency.
This means that in 2024, the best strategy that cyber security experts recommend involves software that spies on everything that happens on our computers.
How did we get here, and is there a better way forward?
Leave a Comment