What is CrowdStrike Falcon and what does it do? Is my computer safe?

By Toby Murray, The University of Melbourne

A massive IT outage is currently affecting computer systems worldwide. In Australia and Aotearoa New Zealand, reports indicate computers at banks, media organisations, hospitals, transport services, shop checkouts, airports and more have all been impacted.

Today’s outage is unprecedented in its scale and severity. The technical term for what has happened to the affected computers is that they have been “bricked”. This word refers to those computers being rendered so useless by this outage that – at least for now – they may as well be bricks.

The widespread outage has been linked to a piece of software called CrowdStrike Falcon. What is it, and why has it caused such widespread disruption?

https://x.com/troyhunt/status/1814174010202345761?t=6JwX06DYdG10j83Nov6Dgw&s=19

What is CrowdStrike Falcon?

CrowdStrike is a US cyber security company with a major global share in the tech market. Falcon is one of its software products that organisations install on their computers to keep them safe from cyber attacks and malware.

Falcon is what is known as “endpoint detection and response” (EDR) software. Its job is to monitor what is happening on the computers on which it is installed, looking for signs of nefarious activity (such as malware). When it detects something fishy, it helps to lock down the threat.

This means Falcon is what we call privileged software. To detect signs of attack, Falcon has to monitor computers in a lot of detail, so it has access to a lot of the internal systems. This includes what communications computers are sending over the internet as well as what programs are running, what files are being opened, and much more.

In this sense, Falcon is a bit like traditional antivirus software, but on steroids.

More than that, however, it also needs to be able to lock down threats. For example, if it detects that a computer it is monitoring is communicating with a potential hacker, Falcon needs to be able to shut down that communication.

Read Full Story https://theconversation.com/what-is-crowdstrike-falcon-and-what-does-it-do-is-my-computer-safe-235123