TY  - JOUR
T1  - Evaluating and Mitigating Cybersecurity Threats from System Update Vulnerabilities through the CrowdStrike Case
AU  - İş, Hafzullah
PY  - 2024
DA  - December
Y2  - 2024
DO  - 10.36222/ejt.1564440
JF  - European Journal of Technique (EJT)
JO  - EJT
PB  - Hibetullah KILIÇ
WT  - DergiPark
SN  - 2536-5010
SP  - 182
EP  - 188
VL  - 14
IS  - 2
LA  - en
AB  - The $5 billion update error in CrowdStrike’s security software led to global disruptions, affecting airports, hospitals, and banking systems. This issue, caused by a faulty software update, resulted in Microsoft Windows computers experiencing "blue screen" failures, impacting approximately 8.5 million devices globally and requiring manual restarts. The malfunction halted aviation, disrupted healthcare services, and disabled some TV channels. Insurance company Parametrix estimated $5.4 billion in losses for 25% of affected Fortune 500 companies in the US and around $15 billion globally.This paper examines the cybersecurity risks associated with vulnerabilities introduced by system updates, with a focus on critical infrastructures. To assess these risks, vulnerability scans were conducted across 12 critical infrastructure organizations, revealing an average 27% vulnerability rate related to updates. Through this study, we identify the evolving threat landscape and propose mitigation strategies to enhance cybersecurity posture, targeting a performance improvement of over 90%.
KW  - CrowdStrike Case
KW  - Critical Infrastructure
KW  - Cyber Security
KW  - Vulnerabilities
KW  - System Analyse.
CR  - [1]	 J. Franks, U.S. Government Accountability Office Letter, “CrowdStrike Chaos Highlights Key Cyber Vulnerabilities with Software Updates”, 2024.
CR  - [2]	 Premakanthan, Nihila. (2024). Analysis of the CrowdStrike Software Update Failure.
CR  - [3]	Techfunnel Magazine Online (2023), https://www.techfunnel.com/information-technology/patch-management-challenges/
CR  - [4]	Tariq, U.; Ahmed, I.; Bashir, A.K.; Shaukat, K. A Critical Cybersecurity Analysis and Future Research Directions for the Internet of Things: A Comprehensive Review. Sensors 2023, 23, 4117. https://doi.org/10.3390/s23084117
CR  - [5]	Redscan Magazine Online (2020), https://www.redscan.com/news/state-of-cybersecurity-uk-universities-foi-report/
CR  - [6]	Global Threat Report (2023), https://goo.by/aTlWwA
CR  - [7]	Cyber Security and Infrastructure Security Agency (CISA) Cyber Security Report (2023), https://goo.by/NdLTyB
CR  - [8]	TUĞAL, İ., ALMAZ, C., & SEVİ, M. (2021). Üniversitelerdeki Siber Güvenlik Sorunları ve Farkındalık Eğitimleri. Bilişim Teknolojileri Dergisi, 14(3), 229-238. https://doi.org/10.17671/gazibtd.754458
CR  - [9]	Micheal Roytman, Ed Bellis (2023), Modern Vulnerability Management – Predictive Cybersecurity, Artech House Publishment. ISBN: 13:978-1-63081-938-5.
CR  - [10]	T. Tuncer, H. İŞ,(2018) Impact of End Users on Enterprise Cyber Security, International Engineering and Natural Sciences Conference,1,8, ISBN. 978-605-81971-3-8
CR  - [11]	T. TUNCER, H. İş, (2018), Analysis of Cyber Security Vulnerabilities in Corporate Networks, International Engineering and Natural Sciences Conference, 1,11, ISBN. 978-605-81971-3-8.
CR  - [12]	H. İŞ, "LLM-Driven SAT Impact on Phishing Defense: A Cross-Sectional Analysis," 2024 12th International Symposium on Digital Forensics and Security (ISDFS), San Antonio, TX, USA, 2024, pp. 1-5, doi: 10.1109/ISDFS60797.2024.10527274.
CR  - [13]	Hafzullah Is. 2024. Strategic Approaches to Eco-Efficient Computing in Institutional Environments. In Proceedings of the Cognitive Models and Artificial Intelligence Conference (AICCONF '24). Association for Computing Machinery, New York, NY, USA, 186–190. https://doi.org/10.1145/3660853.3660910
UR  - https://doi.org/10.36222/ejt.1564440
L1  - https://dergipark.org.tr/tr/download/article-file/4276587
ER  -