CrowdStrike Outage a Dress Rehearsal for Foreign Cyber-Attacks

By editor
August 9, 2024

The recent CrowdStrike IT failure served as a dress rehearsal for a possible cyber-attack on critical equipment that could be orchestrated by a nation-state like China.

It was a valuable exercise in what might happen if China used disruptive force against important systems.

During a briefing at Black Hat USA 2024, Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency (CISA), said, “It’s really about building resilience into our networks and our systems to allow us to withstand significant disruptions and at least reduce the recovery time to be able to provide services.”

“I thought the CrowdStrike failure was a valuable exercise, like a dress rehearsal, for what China may want to accomplish. In a world where the information update is not reversed, we must be able to react and recover quite quickly if something similar occurs afterwards.”

The Volt Typhoon Precedent

In May, CISA issued a warning about the imminent threat posed by People’s Republic of China (PRC) state-sponsored cyber actors known as Volt Typhoon. Volt Typhoon has been persistently compromising the networks of US critical infrastructure organizations, according to the expert.

The intent is not espionage, data theft, or IP theft, but rather to start a destructive attack in the middle of a significant conflict in the Taiwan Strait.

The UK's National Cyber Security Centre (NCSC) has also issued strong warnings about the potential Volt Typhoon threat, which could set the pace for cyberattacks of all kinds.

Since issuing these remarks, CISA has been investigating whether this has driven the Volt Typhoon actors to a place where they can no longer be located, or whether their strategies and techniques have changed.

“I don’t think we have seen any material changes yet”, Easterly said.

Lessons from the CrowdStrike Outage for CISA

CISA collaborated with CrowdStrike to give mitigation advice to those affected by the international IT interruption on July 19, which was caused by a content update to the CrowdStrike Falcon sensor that resulted in outages on Microsoft Windows operating systems.

Easterly outlined three lessons from the CrowdStrike event in her response to the problem.

We were very well connected as a society when it came to using a turnkey method to reach out to both the technology companies and the vital infrastructure, she said.

“Second, it reinforced what we’ve been saying about the necessity for technology contractors to design, build, test and install software that is protected by style. We saw that computer sellers are not immune from issues around program value”, Easterly explained.

“The big teaching though … is the endurance, what was going through my mind was that this is exactly what China wants to do but without rolling up the update”, she said.

The CrowdStrike event reinforced the need for organizations to build endurance at every step, according to NCSC CEO Felicity Oswald.

Oswald added that NCSC’s crucial role was in ensuring that the new government, which took office in July, was able to provide companies with the information they needed to deal with the incident. It was also important that NCSC clarify that the CrowdStrike failure was not a destructive risk.
