COLORADO SPRINGS, Colo. — Friday was a tough day for anyone working in IT. A problematic software update pushed out by CrowdStrike locked up millions of computer systems running on Microsoft Windows.
"Those people are working really hard right now, their weekends are probably destroyed," Rodney Gullatte Jr., a certified ethical hacker and CEO of Firma IT Solutions, said.
Gullatte also serves on the board of the National Cybersecurity Center in Colorado Springs.
He said the software update was easy to find and fix. It was pushed out at 10:00 p.m. Thursday in Colorado.
"It's just a matter of deleting that file, and then restarting your machine," Gullatte said. "It's a little more technical, but what's nice is that a lot of technical teams out there, the remediation for this is pretty simple if you have a good team."
It's simple, yet time-consuming depending on the number of units and servers impacted, according to Gullatte. He warned this is a vulnerable time for many large computer systems.
"We know the companies that are using it through local news or national news, those companies are being identified," Gullatte said. "So, what does that mean? Like how far-reaching is this and what kind of information is that giving criminals to take advantage of, that's where my mind goes."
He recommends companies and governments conduct penetration tests on their systems. The tests are deliberate cyber attacks on your own network to look for and fix vulnerabilities.
"We want to take CrowdStrike at their word, but historically, when we've heard the word "glitch," something else comes back afterward," Gullette said. "We've seen that with AT&T within the last couple of months. So, I'm hoping there's nothing else, but just to be on the safe side, you can't afford to risk. Get yourself a penetration test just to be sure."
