

Risky Business #758 – Crowdstrike's postmortem underwhelms
Aug 7, 2024
Dmitri Alperovitch, a prominent expert on geopolitical issues and technology, shares insights on the recent Russian prisoner swap and its implications. Marco Slaviero, a cybersecurity innovator, discusses the unique approach of a one-VM-per-customer hosting solution and the security benefits it brings. The conversation dives into CrowdStrike's controversial postmortem and the ongoing legal battles with Delta Airlines. They also tackle the evolving landscape of ransomware and the challenges facing security in cloud architectures.
AI Snips
CrowdStrike's Major Outage Insight
- CrowdStrike caused a global outage due to shipping a buggy kernel driver update with inadequate testing.
- Ignoring deployment rings for this update led to widespread disruptions, including grounded flights.
DigiCert's Certificate Revocation Drama
- DigiCert revoked certificates with only 24 hours' notice, sparking customer lawsuits due to operational challenges.
- Such rushed revocations reflect how terrified CAs are of browser trust store removals, sometimes overcorrecting.
Nuances of Russian Prisoner Swap
- The Russian prisoner swap included some cybercriminals but mostly non-state actors released due to political connections.
- Putin seeks the return of any arrested Russians, not just state-affiliated hackers, complicating future swaps.