How to Recovery from CrowdStrike Falcon Incident on AWS EC2 Cloud Hosted VM

Millions of people were affected by CrowdStrike incident. Now that the damage is done, it is time to recover. Here are a few options for your Amazon AWS EC2 VM environment.

Marcello Marrocos
DevOps, Cloud & IT Career

--

Crowdstrike stroke thousands of applications hosted on Windows OS, affecting millions of people.

But now that the damage is done, what are the options for recovery from this incident?

Photo by William Warby on Unsplash

Before starting, let’s separate the root cause from the affected OS. While Window OS was the main affected, this was not an issue from Microsoft, but from a company specialized in cyber security, where an update to its Falcon agent generated the issue on OS.

Amazon AWS EC2

According to AWS, those are the main options to try to recover from the issue.

Option 1 — Restart Virtual Machine

While this seems a shot in the dark, it is worth a shot. Trying to reboot a few times can allow the instance to have the CrowdStriek Falcon agent tobe restored to a previously working version.

--

--

Marcello Marrocos
DevOps, Cloud & IT Career

Cloud, Integrations and Collaboration Manager | in/mrmarrocos | DevOps, Cloud & IT Career Publication http://devopscloudit.com