UB School of Management expert available to discuss Crowdstrike outage affecting computer systems worldwide

By Kevin Manne

Dominic Sellitto
Clinical Assistant Professor of Management Science and Systems
University at Buffalo School of Management

Sellitto is an expert in cybersecurity, artificial intelligence, information assurance, digital forensics and information technology (IT) management.

According to Sellitto, the issue being faced widespread appears to be due to a faulty software update that happened sometime overnight:

• Much like your personal software on your computer, enterprise-level software updates happen periodically. Some software updates are held back and manually applied by IT in organizations, while others are automatically updated. In this case, it appears that customers of the Crowdstrike Falcon Sensor cybersecurity software, which includes a large number of enterprises worldwide, received what Crowdstrike refers to as a “content update” overnight, which may have been applied automatically to customers.
• This update contained a file that inadvertently caused Windows devices to crash, commonly referred to as ‘the blue screen of death’ in the tech community. Many customers reported that the crashed computers continued to crash upon attempting to reboot, grinding businesses to a halt.

“It’s tempting to look at this and think that it feels a lot like a cybersecurity attack. While it appears that it isn’t, the impact may be seen as no less damaging,” says Sellitto. “The goal of many attacks is to halt business operations. In this case, business operations were brought to a halt, it’s just that the intent was not malicious. Ultimately, the cost equation to businesses and consumers doesn’t care much about the motivation of these things — impact is impact.”

Sellitto says the good news is twofold:

1. The average consumer does not use this enterprise software, so most people don’t have to worry about this affecting their home computers. 
2. The company has moved quickly to issue a fix — though, it may take time to remedy the situation for many companies, especially those who rely on remote access to administer systems in other geographic regions.

“The big takeaway for organizations is to make sure that they conduct inventories of their widely deployed software, and make sure that auto-updates are kept to a bare minimum,” says Sellitto. “Most IT organizations have a rigorous testing cycle internally that happens with things like Windows updates to ensure this sort of thing doesn’t happen. I think many organizations are going to be extending this process in light of this event.”

To schedule an interview with Professor Sellitto, contact Kevin Manne, assistant director of communications, at 716-645-5238 or kjmanne@buffalo.edu.