Philippines closely monitoring global outage, says its central bank

MANILA (Reuters): The Philippine central bank has announced that some banks have experienced disruptions but are addressing the issue while others have already restored their affected systems.

In a statement, the Bangko Sentral ng Pilipinas (BSP) said it is closely monitoring the global Microsoft and CrowdStrike outage.

The financial system remains resilient, the BSP said, adding that all settlements were successfully completed on Friday.

Security experts said CrowdStrike's routine update of its widely used cybersecurity software, which caused clients' computer systems to crash globally on Friday, apparently did not undergo adequate quality checks before it was deployed.

The latest version of its Falcon Sensor software was meant make CrowdStrike clients' systems more secure against hacking by updating the threats it defends against. But faulty code in the update files resulted in one of the most widespread tech Outages in recent years for companies using Microsoft's Windows operating system.

Global banks, airlines, hospitals and government offices were disrupted. CrowdStrike released information to fix affected systems, but experts said getting them back online would take time as it required manually weeding out the flawed code.

"What it looks like is, potentially, the vetting or the sandboxing they do when they look at code, maybe somehow this file was not included in that or slipped through," said Steve Cobb, chief security officer at Security Scorecard, which also had some systems impacted by the issue.

Problems came to light quickly after the update was rolled out on Friday, and users posted pictures on social media of computers with blue screens displaying error messages. These are known in the industry as "blue screens of death."

Patrick Wardle, a security researcher who specialises in studying threats against operating systems, said his analysis identified the code responsible for the Outage.

The update's problem was "in a file that contains either configuration information or signatures," he said. Such signatures are code that detects specific types of malicious code or malware.

"It's very common that security products update their signatures, like once a day... because they're continually monitoring for new malware and because they want to make sure that their customers are protected from the latest threats," he said.

The frequency of updates "is probably the reason why (CrowdStrike) didn't test it as much," he said.

It's unclear how that faulty code got into the update and why it wasn't detected before being released to customers. - Reuters

×
Follow us on our official WhatsApp channel for breaking news alerts and key updates!

CrowdStrike , Global , Internet Outage , Philippines , Central Bank , Close Monitoring

   

Report it to us.

Next In Aseanplus News
New Thai PM Paetongtarn pledges to continue economic reforms and boost healthcare
Anwar, Prabowo determined to improve bilateral relationships
Man rampages at hospital after being denied final viewing of family member
Asean News Headlines at 10pm on Saturday (Sept 7, 2024)
13 foreigners charged over allegedly providing unlicensed payment services at Singapore's Marina Bay Sands casino
Indonesia reaffirms commitment to boost defence ties with Malaysia
Most wanted and dangerous Indian criminal hiding in Thailand arrested by Thai police
Pianist dream is over but China's Ma Lin turns brutal encounter with bear into glorious Paralympic career
Who is the infamous Philippine ex-mayor Alice Guo and what is known about her arrest?
Super Typhoon Yagi kills four in Vietnam after casualties in China and Philippines; Asia's most powerful storm this year

Trending in AseanPlus

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.