The Philippine Computer Emergency Response Team (PH CERT) estimated that it would take “at least several days” before local workstations and servers affected by the shutdown of cybersecurity firm CrowdStrike are up and running again.
In an interview on Friday afternoon, PH CERT president Lito Averia said while it cannot be completely ruled out that malicious threat actors had a hand in the shutdown, information circulating in the cybersecurity sector strongly suggests that the problem now affecting computer systems worldwide was caused accidentally.
He explained that the problem appears to have started when CrowdStrike attempted to install updates into its system.
However, instead of improving its services, CrowdStrike inadvertently triggered a technical issue called “Blue Screen of Death” or BSOD, which, simply put, makes the affected computer freeze completely.
CrowdStrike is a US-based American cybersecurity firm that helps companies manage network security using a cloud-based platform.
“There is no immediate solution to this. The specific file that is causing trouble must be removed from every PC, laptop and server manually. Then, these devices can be restarted and set on recovery mode. This is a very laborious chore, especially for companies with thousands of devices… because the remedy has to be done to each and every device separately,” Averia explained in Filipino.
PH CERT is a non-profit organization composed of information security professionals providing technical and policy advisory services.
