+- Too Many Message Boards (https://tmmb.co.nz/forums)
+-- Forum: General Topics (https://tmmb.co.nz/forums/forumdisplay.php?fid=5)
+--- Forum: News and Current Affairs (https://tmmb.co.nz/forums/forumdisplay.php?fid=74)
+--- Thread: Nationwide computer outage (/showthread.php?tid=3264)
Pages:
1
2
Nationwide computer outage - nzoomed - 19-07-2024
Affecting banks and supermarkets.
Also affecting Australia.
I suspect a cyber attack.
https://www.1news.co.nz/2024/07/19/customers-of-several-major-banks-reporting-outages/
RE: Nationwide computer outage - king1 - 19-07-2024
looking that way isn't it? the odd thing about that one are the reports of blue screens and startup failures, that would suggest either coincidence or malware of some description...
RE: Nationwide computer outage - king1 - 19-07-2024
NZHerald are suggesting Global network issues
Quote:'Large-scale technical outage'
The issue appeared to relate to an issue with global cybersecurity firm CrowdStrike, an Australian government spokesman told Reuters.
Australia's National Cyber Security Coordinator posted on X (formerly Twitter): "I am aware of a large-scale technical outage affecting a number of companies and services across Australia this afternoon".
The office continued: "Our current information is this outage relates to a technical issue with a third-party software platform employed by affected companies.
"There is no information to suggest it is a cyber security incident. We continue to engage across key stakeholders."
https://www.nzherald.co.nz/nz/bank-problems-reports-bnz-asb-kiwibank-anz-visa-paywave-services-down/R2EY42QKQBALXNF33G5PA6U3TQ/
Stage 2 of a Fire Sale - what's the transport systems like at your end
https://diehard.fandom.com/wiki/Fire_Sale
RE: Nationwide computer outage - nzoomed - 19-07-2024
(19-07-2024, 06:53 PM)king1 Wrote: looking that way isn't it? the odd thing about that one are the reports of blue screens and startup failures, that would suggest either coincidence or malware of some description...
Yes I was looking at that.
Looks like its MS windows thats affected, wasnt there a major exploit discovered in windows where Microsoft was warning everyone to patch through windows update recently?
It might have been this:
https://www.securityweek.com/microsoft-warns-of-windows-hyper-v-zero-day-being-exploited/
Edit: looks like crowdstrike update may be the cause
RE: Nationwide computer outage - Lilith7 - 19-07-2024
If these cyber attacks continue,& become widespread, the world may need to return to using cash only...
RE: Nationwide computer outage - nzoomed - 19-07-2024
(19-07-2024, 07:21 PM)Lilith7 Wrote: If these cyber attacks continue,& become widespread, the world may need to return to using cash only...
Probably for the better, this demonstrates digital currency is not dependable, especially during disasters.
RE: Nationwide computer outage - Oh_hunnihunni - 19-07-2024
Well, Luxon would go on about China in his cosy up tour to the US. Dear ex Leader Helen and that horrible brash bloke did warn him...
https://www.helenclarknz.com/my-diary/statement-on-nz-government-jeopardising-nzsindependent-foreign-policy-and-economic-security
RE: Nationwide computer outage - zqwerty - 19-07-2024
official workaround:
Boot Windows into Safe Mode or Recovery Environment
Navigate to C:\Windows\System32\drivers\CrowdStrike directory
Locate the file matching "C-00000291*.sys", and delete it.
Boot the host normally.
Update:
You only need to do the workaround where the host can't boot to get the online file changes.
https://supportportal.crowdstrike.com/s/article/Tech-Alert-Windows-crashes-related-to-Falcon-Sensor-2024-07-19
From here:
https://old.reddit.com/r/sysadmin/comments/1e6vq04/many_windows_10_machines_blue_screening_stuck_at/
Summary
CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor.
Details
Symptoms include hosts experiencing a bugcheck\blue screen error related to the Falcon Sensor.
Current Action
CrowdStrike Engineering has identified a content deployment related to this issue and reverted those changes.
If hosts are still crashing and unable to stay online to receive the Channel File Changes, the following steps can be used to workaround this issue:
Workaround Steps:
Boot Windows into Safe Mode or the Windows Recovery Environment
Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
Locate the file matching “C-00000291*.sys”, and delete it.
Boot the host normally.
Latest Updates
RE: Nationwide computer outage - king1 - 19-07-2024
(19-07-2024, 10:03 PM)zqwerty Wrote: official workaround:
Boot Windows into Safe Mode or Recovery Environment
Navigate to C:\Windows\System32\drivers\CrowdStrike directory
Locate the file matching "C-00000291*.sys", and delete it.
Boot the host normally.
https://supportportal.crowdstrike.com/s/article/Tech-Alert-Windows-crashes-related-to-Falcon-Sensor-2024-07-19
From here:
https://old.reddit.com/r/sysadmin/comments/1e6vq04/many_windows_10_machines_blue_screening_stuck_at/
good find, looks like a driver issue - must be a component in a remote support/monitoring agent application maybe...
RE: Nationwide computer outage - Agent_24 - 19-07-2024
Some idiot on the dev team probably pushed an untested patch to production by accident
RE: Nationwide computer outage - zqwerty - 19-07-2024
Tech Alert | Windows crashes related to Falcon Sensor | 2024-07-19printFavoriteCloud: US-1EU-1US-2Published Date: Jul 19, 2024
Summary
CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor.
Details
Symptoms include hosts experiencing a bugcheck\blue screen error related to the Falcon Sensor.
Current Action
CrowdStrike Engineering has identified a content deployment related to this issue and reverted those changes.
If hosts are still crashing and unable to stay online to receive the Channel File Changes, the following steps can be used to workaround this issue:
Workaround Steps:
Boot Windows into Safe Mode or the Windows Recovery Environment
Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
Locate the file matching “C-00000291*.sys”, and delete it.
Boot the host normally.
Latest Updates
2024-07-19 05:30 AM UTC | Tech Alert Published.
2024-07-19 06:30 AM UTC | Updated and added workaround details.
EDIT:
Need a CS login to view actual article
Tech Alert | Windows crashes related to Falcon Sensor | 2024-07-19 (crowdstrike.com)
RE: Nationwide computer outage - king1 - 19-07-2024
Amazing how widespread it is - just one innocuous third party application taking down all these critical systems
RE: Nationwide computer outage - zqwerty - 20-07-2024
May be useful to someone:
Supposedly you fix it even without having the bitlocker key:
Cycle through BSODs until you get the recovery screen.
Navigate to Troubleshoot>Advanced Options>Startup Settings
Press "Restart"
Skip the first Bitlocker recovery key prompt by pressing Esc
Skip the second Bitlocker recovery key prompt by selecting Skip This Drive in the bottom right
Navigate to Troubleshoot>Advanced Options> Command Prompt
Type "bcdedit /set {default} safeboot minimal". then press enter.
Go back to the WinRE main menu and select Continue.
It may cycle 2-3 times.
If you booted into safe mode, log in per normal.
Open Windows Explorer, navigate to C:\Windows\System32\drivers\Crowdstrike
Delete the offending file (STARTS with C-00000291*. sys file extension)
Open command prompt (as administrator)
Type "bcdedit /deletevalue {default} safeboot"., then press enter. 5. Restart as normal, confirm normal behavior.
CrowdStrike Windows Outage—What Happened And What To Do Next
https://www.forbes.com/sites/kateoflahertyuk/2024/07/19/crowdstrike-windows-outage-what-happened-and-what-to-do-next/
RE: Nationwide computer outage - harm_less - 20-07-2024
(19-07-2024, 11:36 PM)king1 Wrote: Amazing how widespread it is - just one innocuous third party application taking down all these critical systemsMaybe treat this as a valuable lesson on how reliant the world is on digital control systems. A dry run for the much longer term scenario that would occur in the event of coronal mass ejection or electromagnetic pulse weapon strike. In those cases the loss of communications and functionality of any electronically dependent device would be lost for very much longer than this 'blip', some permanently.
RE: Nationwide computer outage - nzoomed - 20-07-2024
(19-07-2024, 11:36 PM)king1 Wrote: Amazing how widespread it is - just one innocuous third party application taking down all these critical systems
I'm unsure how many home users will be affected, but seems to be more with the crowdstrike product called falcon.
I've personally never encountered it, bit it's possible it's bundled with other software unbeknown to the user.
Anyway here is a good meme doing the rounds.
RE: Nationwide computer outage - Oh_hunnihunni - 20-07-2024
Ahhh, human error. Who'da thunk it.
I prefer the conspiracy theory. Much more interesting, lol.
RE: Nationwide computer outage - Lilith7 - 20-07-2024
Dogs are right, humans are nuts.
RE: Nationwide computer outage - Lilith7 - 20-07-2024
(20-07-2024, 10:36 AM)Oh_hunnihunni Wrote: Ahhh, human error. Who'da thunk it.
I prefer the conspiracy theory. Much more interesting, lol.
Well, you know this denial & claim of human error could be a part of a conspiracy....
RE: Nationwide computer outage - harm_less - 20-07-2024
(20-07-2024, 11:10 AM)Lilith7 Wrote:The whole event is pretty damning for the introduction of cashless banking systems. So who stands to benefit in that case?(20-07-2024, 10:36 AM)Oh_hunnihunni Wrote: Ahhh, human error. Who'da thunk it.
I prefer the conspiracy theory. Much more interesting, lol.
Well, you know this denial & claim of human error could be a part of a conspiracy....
RE: Nationwide computer outage - Oh_hunnihunni - 20-07-2024
I haven't followed that debate, but I suspect anything digital benefits the tech industry, and those few who own it.