Insights

ATLANTA - The recent CrowdStrike software update fiasco serves as a stark reminder of the vulnerabilities inherent in our interconnected world. Jared Haviland, the information security officer at Critical Path Security, was featured in a news interview shedding light on the extensive impact of this event and the critical lessons it offers. Most Americans were asleep when the chaos began, but in other parts of the world, people experienced the full brunt of the issue as it unfolded. The blue screen of death, a term coined for catastrophic Microsoft errors, reappeared, causing significant disruptions. Border crossings out of Canada slowed to a crawl, television stations went off the air, and essential services in hospitals, banks, and transportation were severely impacted. "Systems were going down. People couldn't do what they normally do," Haviland explained during the interview. This event underscores the risk posed by the heavy reliance on a handful of…

Overview of the Incident On July 19, 2024, a critical update failure by CrowdStrike, a leading cybersecurity firm, caused widespread IT disruptions. This incident has severely impacted multiple sectors, including airports, airlines, banks, and other essential services, leading to significant operational challenges and delays. Affected Sectors Airports and Airlines The update failure caused substantial disruptions across numerous airports and airlines globally: Spain: Airports operated by Aena experienced complete operational shutdowns, forcing a reversion to manual processes. UK: Airports such as Liverpool, Manchester, and Luton reported manual check-ins and operational delays. Australia: Sydney Airport faced long queues and delays. Airlines: Companies like Ryanair, Delta, and KLM experienced significant disruptions, leading to delayed and canceled flights​​​​. Financial and Other Sectors The disruption extended beyond aviation to other critical infrastructure: Banks: Major financial institutions reported system failures affecting transactions and services. Stock Exchanges: The London Stock Exchange experienced interruptions, impacting trading activities. Healthcare:…

We are excited to share that our CEO, Patrick Kelley, will be delivering talks at several key cybersecurity conferences in the upcoming months. Known for his deep expertise and thought leadership, Patrick will cover a range of pertinent topics, offering valuable insights to the cybersecurity community. Below are the details of his scheduled appearances: August 13 - 16, 2024 Event: Cooperative Technologies Conference Location: Wilmington, NC Topic: Keeping up with the Jones: Where to Focus Your Cooperative's Limited Cybersecurity Budget August 27 - 29, 2024 Event: AREA Business Administration Conference Location: Perdido Beach, AL Topics: Cyber Fraud Update AI Update and Opportunities September 25 - 27, 2024 Event: GA EMC Technology Association Fall Meeting Location: Jekyll Island, GA October 1 - 2, 2024 Event: MRO 2024 Security Conference Location: St. Paul, MN Topic: Balancing the Scales: Managing Mental Health in Cybersecurity October 8 - 9, 2024 Event: Iowa Association of…

In a recent disclosure, AT&T revealed that a significant data breach occurred two years ago, affecting text message and phone call records of "nearly all" its customers. This incident is the latest in a series of security challenges for the telecom giant, following the exposure of personal information from tens of millions of customers on the dark web earlier this year. The Data Breach Details The breach in question, which took place between May and October 2022, involved the compromise of call and text records from most AT&T customers. Notably, while the content of these communications was not accessed, the breach did include: Phone numbers: Numbers of both AT&T customers and the individuals they contacted. Interaction details: Frequency of interactions and call duration. However, sensitive personal information such as Social Security numbers, dates of birth, and other personally identifiable information (PII) were not included in the breach. Despite this, AT&T…