CrowdStrike president Michael Sentonas personally accepted a “Most Epic Fail” grant implicit the play astatine the yearly Las Vegas Def Con hacking league for the company’s bundle update that caused a planetary IT outage past month. While accepting the award, helium said it was “super important to ain it erstwhile you bash things horribly wrong, which we did successful this case.”
The Pwnie Awards, fixed retired successful an yearly ceremonial astatine Def Con, observe “the achievements (and failures) of information researchers and the information community.” This year’s categories included awards for mobile, desktop, and crypto bugs, 1 for “Lamest Vendor Response,” and an “Epic Achievement” grant for researchers who’ve discovered captious vulnerabilities.
During his speech, Sentonas said the Pwnie is “definitely not the grant to beryllium arrogant of receiving,” but added that helium volition bring it to CrowdStrike headquarters, wherever “it’s gonna beryllium [in] pridefulness of spot due to the fact that I privation each CrowdStriker who comes to enactment to spot it.” Last year’s “Most Epic Fail” grant went to the US Transportation Security Administration aft a hacker discovered the agency’s “no-fly” list connected an unprotected internet-connected server (Something akin happened successful 2021, arsenic well.)
CrowdStrike earned the grant for releasing a bundle update that caused Windows machines astir the satellite to neglect successful a mode that prevented distant recovery. The crashes caused important outages astatine airlines similar Delta and prompted Microsoft to telephone for changes to Windows that could see denying kernel entree to companies similar CrowdStrike.
CrowdStrike blamed a trial bundle bug for the faulty update and promised to update its investigating and mistake handling, arsenic good arsenic to commencement staggering updates to forestall thing akin from happening successful the future.