2024 CrowdStrike-related IT outages - Wikipedia

Doug Levin (@[email protected])

This weekend I spent half a day remediating an elderly relative's Win 11 home laptop. Totally overpowered and overpriced for her needs, it was recommended to her by BestBuy when her old machine was complaining it wasn't compatible with the new MS OS rollout :( Both her OS and primary email were compromised. The threat actor did not disable Defender but just excluded every important directory from scans. May have also punched a hole in her device firewall for all I could tell. Only reason she even knew an issue had occured was due to issues with her email. She stopped receiving any emails and we reached out upon recieving what appeared to be a phish from her account. (No link to click in initial message, but an invitation to a longer urgent conversation.) Turns out they just redirected her email to her outlook account email (which she didn't even know she had, but was generated as part of her Win 11 install). They created a new alias and added some other rules to auto-forward further comms. FWIW, the rogue device attached to her account was coming from a TX location - many states away from us. No 2FA, no adblocker, no password manager, no understanding of firewalls, what makes a password stronger vs weaker, confused by messages about actions that were computer/browser/OS related. But look. She's 80+. I only had a few hours to investigate and remediate. I can't change all that and expect her to manage it on her own. How the f*ck is it possible that an average user can manage this stuff? Why is Win such a trash fire? Can't MSFT make a default config for non-technical home users that is locked down by default? She has literally ZERO chance against threat actors on the modern web. We in tech have totally lost the plot... I am NOT looking for advice (just use Linux or w/e). I am venting about shit UI, shit tech co's pushing the next new crap tech for no other reason than $, and the state of the modern web.