India’s nodal cyber security agency Cert-IN has warned organisations about hacking attacks related to the recent CrowdStrike outage that brought down 8 million-plus Microsoft Windows machines across the world. “There are reports of an ongoing phishing campaign targeting CrowdStrike users leveraging this issue,” warns CERT-In on its website. The security agency also shared a list of URLS that it asked organisations to block.
Earlier, the Reserve Bank of India (RBI) Deputy Governor M Rajeshwar Rao too sounded an alarm to banks and other financial institutions over the growing reliance on single vendors for critical services. Citing the widespread Microsoft outage that brought operations at several Airlines, banks and other institutions at standstill, Rao emphasized the potential disruptions and vulnerabilities such overdependence can create.
In a speech at a BFSI summit, Rao highlighted the risk of “vendor lock-in,” where financial institutions become overly reliant on a single service provider, limiting their flexibility and increasing exposure to potential failures. He also criticized lenders for partnering with digital platforms that lack adequate grievance redressal mechanisms, a practice that can harm customers.
The RBI official stressed the importance of transparency, effective complaint handling, and a balanced regulatory approach that promotes innovation while ensuring robust risk management. He called for financial institutions to strengthen their assurance functions, including risk management, compliance, and internal audit, to mitigate these risks.
The botched CrowdStrike update
A software bug in CrowdStrike’s quality-control system caused the software update that crashed computers globally. The outage happened because CrowdStrike’s Falcon, an advanced platform that protects systems from malicious software and hackers, contained a fault that forced computers running Microsoft’s Windows operating system to crash and show the “Blue Screen of Death”.
“Due to a bug in the Content Validator, one of the two Template Instances passed validation despite containing problematic content data,” CrowdStrike said in a statement, referring to the failure of an internal quality control mechanism that allowed the problematic data to slip through the company’s own safety checks.
Earlier, the Reserve Bank of India (RBI) Deputy Governor M Rajeshwar Rao too sounded an alarm to banks and other financial institutions over the growing reliance on single vendors for critical services. Citing the widespread Microsoft outage that brought operations at several Airlines, banks and other institutions at standstill, Rao emphasized the potential disruptions and vulnerabilities such overdependence can create.
In a speech at a BFSI summit, Rao highlighted the risk of “vendor lock-in,” where financial institutions become overly reliant on a single service provider, limiting their flexibility and increasing exposure to potential failures. He also criticized lenders for partnering with digital platforms that lack adequate grievance redressal mechanisms, a practice that can harm customers.
The RBI official stressed the importance of transparency, effective complaint handling, and a balanced regulatory approach that promotes innovation while ensuring robust risk management. He called for financial institutions to strengthen their assurance functions, including risk management, compliance, and internal audit, to mitigate these risks.
The botched CrowdStrike update
A software bug in CrowdStrike’s quality-control system caused the software update that crashed computers globally. The outage happened because CrowdStrike’s Falcon, an advanced platform that protects systems from malicious software and hackers, contained a fault that forced computers running Microsoft’s Windows operating system to crash and show the “Blue Screen of Death”.
“Due to a bug in the Content Validator, one of the two Template Instances passed validation despite containing problematic content data,” CrowdStrike said in a statement, referring to the failure of an internal quality control mechanism that allowed the problematic data to slip through the company’s own safety checks.
#RBI #banks #important #learn #basic #lesson #Microsoft #outage #Times #India
