Why cyber insurance plans may need to include buggy software updates
Your company may be sufficiently insured if your business is interrupted due to data breaches or hacking incidents. But does it also cover losses due to software updates, especially in a world of interconnected devices, where a buggy software update on a central server could impact multiple devices like computers, smartphones, smart kiosks, ATMs, smart TVs, etc., and hence impact many business channels, simultaneously? Under normal circumstances, such a question would sound odd since one would assume that most companies would have insured themselves against data breaches, ransomware attacks, cyberattacks and other such business interruptions or even power outages.
But Friday, 19 July, was not a normal day. An apparently simple and routine "sensor configuration update" by a CrowdStrike product paralyzed millions of Windows-run computers, servers and other such endpoints, globally.
The glitch triggered the dreaded Blue Screen of Death (BSoD), crippling the services of airlines, brokerages, financial institutions and even media houses worldwide. To recapitulate, CrowdStrike routinely provides sensor configuration updates to the "Channel Files" of its clients as part of the protection mechanisms of its Falcon platform.
The Channel Files on Windows systems reside in the following directory: C:\Windows\System32\drivers\CrowdStrike\ and start with the “C-" letter and a unique number to identify each file. In this case, the impacted Channel File '291' is named “C-00000291-" and ends with a .sys extension, which indicates that these are system files consisting of drivers and settings for hardware devices.
Read more on livemint.com
