+Follow
TSW13
No personal profile
5
Follow
0
Followers
0
Topic
0
Badge
Posts
Hot
TSW13
2024-07-20
Share your opinion about this news…
How a Routine CrowdStrike Update Crashed the World’s Computers
TSW13
2024-01-26
See
Sorry, the original content has been removed
Go to Tiger App to see more news
{"i18n":{"language":"en_US"},"userPageInfo":{"id":"4100596459110660","uuid":"4100596459110660","gmtCreate":1637642362990,"gmtModify":1637642362990,"name":"TSW13","pinyin":"tsw13","introduction":"","introductionEn":null,"signature":"","avatar":"https://static.laohu8.com/default-avatar.jpg","hat":null,"hatId":null,"hatName":null,"vip":1,"status":2,"fanSize":0,"headSize":5,"tweetSize":2,"questionSize":0,"limitLevel":999,"accountStatus":4,"level":{"id":0,"name":"","nameTw":"","represent":"","factor":"","iconColor":"","bgColor":""},"themeCounts":0,"badgeCounts":0,"badges":[],"moderator":false,"superModerator":false,"manageSymbols":null,"badgeLevel":null,"boolIsFan":false,"boolIsHead":false,"favoriteSize":0,"symbols":null,"coverImage":null,"realNameVerified":"success","userBadges":[{"badgeId":"1026c425416b44e0aac28c11a0848493-2","templateUuid":"1026c425416b44e0aac28c11a0848493","name":"Senior Tiger","description":"Join the tiger community for 1000 days","bigImgUrl":"https://static.tigerbbs.com/0063fb68ea29c9ae6858c58630e182d5","smallImgUrl":"https://static.tigerbbs.com/96c699a93be4214d4b49aea6a5a5d1a4","grayImgUrl":"https://static.tigerbbs.com/35b0e542a9ff77046ed69ef602bc105d","redirectLinkEnabled":0,"redirectLink":null,"hasAllocated":1,"isWearing":0,"stamp":null,"stampPosition":0,"hasStamp":0,"allocationCount":1,"allocatedDate":"2024.08.20","exceedPercentage":null,"individualDisplayEnabled":0,"backgroundColor":null,"fontColor":null,"individualDisplaySort":0,"categoryType":1001},{"badgeId":"a83d7582f45846ffbccbce770ce65d84-1","templateUuid":"a83d7582f45846ffbccbce770ce65d84","name":"Real Trader","description":"Completed a transaction","bigImgUrl":"https://static.tigerbbs.com/2e08a1cc2087a1de93402c2c290fa65b","smallImgUrl":"https://static.tigerbbs.com/4504a6397ce1137932d56e5f4ce27166","grayImgUrl":"https://static.tigerbbs.com/4b22c79415b4cd6e3d8ebc4a0fa32604","redirectLinkEnabled":0,"redirectLink":null,"hasAllocated":1,"isWearing":0,"stamp":null,"stampPosition":0,"hasStamp":0,"allocationCount":1,"allocatedDate":"2021.12.29","exceedPercentage":null,"individualDisplayEnabled":0,"backgroundColor":null,"fontColor":null,"individualDisplaySort":0,"categoryType":1100}],"userBadgeCount":2,"currentWearingBadge":null,"individualDisplayBadges":null,"crmLevel":2,"crmLevelSwitch":0,"location":null,"starInvestorFollowerNum":0,"starInvestorFlag":false,"starInvestorOrderShareNum":0,"subscribeStarInvestorNum":0,"ror":null,"winRationPercentage":null,"showRor":false,"investmentPhilosophy":null,"starInvestorSubscribeFlag":false},"baikeInfo":{},"tab":"post","tweets":[{"id":329483292217512,"gmtCreate":1721446024509,"gmtModify":1721449632544,"author":{"id":"4100596459110660","authorId":"4100596459110660","name":"TSW13","avatar":"https://static.laohu8.com/default-avatar.jpg","crmLevel":2,"crmLevelSwitch":0,"followedFlag":false,"idStr":"4100596459110660","authorIdStr":"4100596459110660"},"themes":[],"htmlText":"Share your opinion about this news…","listText":"Share your opinion about this news…","text":"Share your opinion about this news…","images":[],"top":1,"highlighted":1,"essential":1,"paper":1,"likeSize":2,"commentSize":0,"repostSize":0,"link":"https://ttm.financial/post/329483292217512","repostId":"1190305273","repostType":4,"repost":{"id":"1190305273","kind":"news","pubTimestamp":1721436163,"share":"https://ttm.financial/m/news/1190305273?lang=&edition=fundamental","pubTime":"2024-07-20 08:42","market":"us","language":"en","title":"How a Routine CrowdStrike Update Crashed the World’s Computers","url":"https://stock-news.laohu8.com/highlight/detail?id=1190305273","media":"Bloomberg","summary":"A tiny file ricochetedaround the globe, exposing the global IT network’s fragility and the risks of industry consolidation.When Brendan Delaney, a doctor with the UK’s National Health Service, turned ","content":"<html><head></head><body><ul style=\"\"><li><p>A tiny file ricocheted around the globe, exposing the global IT network’s fragility and the risks of industry consolidation. </p></li></ul><p>When Brendan Delaney, a doctor with the UK’s National Health Service, turned up at his London clinic on Friday, he was expecting a busy day seeing patients.</p><p style=\"text-align: start;\">It had been two months since a devastating cyberattack had affected hospitals and clinics in southeast London. And doctors like Delaney, who’s also a professor at Imperial College London, were finally beginning to feel a return to normalcy. They could send off urgent blood tests again, and cybersecurity experts were making progress repairing and replacing information technology systems that had previously been shut down by a criminal hacker gang.</p><p style=\"text-align: start;\">But just as he arrived, he saw the receptionist hurriedly gathering paper notepads and hunting for a business continuity plan. A system that doctors across England use to view patient records was suddenly not working.</p><p style=\"text-align: start;\">This time the problem was not a ransomware gang. It was a company set up to protect people from hackers. CrowdStrike Holdings Inc., one of the biggest makers of cybersecurity software, had pushed out a flawed update and set off a global IT meltdown, crippling airports, banks, stock exchanges and businesses around the world.</p><p>Incredibly, a tiny file — big enough to hold only a single web page image, according to experts — was responsible for the world’s biggest IT outage. Called “C-00000291*.sys,” it was buried in an update for CrowdStrike’s Falcon sensor product. The bad file caused an error in Microsoft Corp.’s Windows operating system, rendering computers inoperable and triggering the dreaded “blue screen of death.”</p><p>The incident exposed fragility in the global IT system on an unprecedented scale and highlighted the dangers of so many organizations and individuals becoming dependent on a handful of tech companies. If one of them has an outage or gets hacked, the fallout can ripple through wide swaths of the global economy. Microsoft dominates the personal computing business with its Windows operating system, while CrowdStrike has become the go-to vendor for thousands of companies and organizations looking to protect their most important systems from cyberattacks.</p><p>After Microsoft, CrowdStrike is the second-biggest maker of “modern endpoint protection” software and controls 18% of the $12.6 billion market, according to research firm IDC. The Austin-based company sells its products to 29,000 organizations around the world, so the outage likely affected millions of computers that could take weeks or longer to bring back online because they must be repaired manually.</p><p>“It’s a real mess,” said Saif Abed, a former NHS doctor and expert in cybersecurity and public health. “Crowdstrike has affected Microsoft, and the entire NHS is reliant on Microsoft. It’s a domino effect of potential failings.”</p><p>As the outages spread from Asia and Australia across Europe and to the US on Friday, George Kurtz, CrowdStrike’s co-founder and chief executive officer, apologized for the error. “This is not a security incident or cyberattack,” he said. “The issue has been identified, isolated, and a fix has been deployed.”</p><p>Kurtz didn’t specify how the flaw got into the update. But some longstanding critics of his industry already have a working theory. They say CrowdStrike and other cybersecurity companies have sacrificed basic, boring security principles while chasing bigger profits and trying to appease shareholders.</p><p>“It’s time for the industry to grow up and maybe slow down a bit,” said Federico “Fede” Charosky, founder and CEO of Edinburgh-based security services firm Quorum Cyber. “Some developer somewhere made a change and there was no analysis of what impact that change would have. There’s clearly a lack of quality assurance and testing and taking shortcuts in pursuit of speed. What this shows is that we’re delusional in our complete trust in the technologies that are so intrinsic to running everything.”</p><p>What happened on Friday is exceedingly rare, but CrowdStrike’s Kurtz has been here before. Back in 2010, he was the chief technology officer at antivirus software pioneer McAfee. In April of that year, McAfee published an update that mistakenly labeled a legitimate Windows file as infected and paralyzed computers at hospitals, schools and government agencies around the world.</p><p>The company yanked the flawed update just 16 minutes later, but by then it had been installed on computers at more than 1,600 customers, according to Dave DeWalt, who was McAfee’s CEO at the time and now runs a cybersecurity-focused venture capital firm. “We lost about 40% of our market capitalization that day,” DeWalt said in an interview, adding that the company sent close to 4,000 employees on planes to help affected customers recover from the incident.</p><p>McAfee ultimately recovered from the crisis, but employees at the time described it as extremely traumatic and humbling. Four months later, Intel Corp. announced that it was buying the company.</p><p>Cyber industry observers wonder if CrowdStrike will learn from its own mistake. Already some are saying the company had been asking for trouble. For years, CrowdStrike has attacked Microsoft for allowing hackers to penetrate its systems, and Kurtz has used those lapses as a selling point for his own products.</p><p>Shortly after the US government released a report taking Microsoft to task for a “cascade of security failures,” Kurtz pounced, citing its findings to investors on an earnings call and saying Microsoft’s issues prompted an “outpouring of requests” from potential customers. “There’s a widespread crisis of confidence among security and IT teams within the Microsoft security customer base,” he said.</p><p>“CrowdStrike has tried to bash Microsoft as much as they could and they were trying to profit from it,” Charosky said. “But nobody escapes when your company is such a massive part of the world’s infrastructure. This is karma. When a company graduates from being a startup to being critical national infrastructure, it needs to behave differently, and I don’t know if CrowdStrike has gone through that transition.”</p><p>Some online commentators have described CrowdStrike’s flawed update as the “malware of the year,” owing to the level of destruction it has wrought. The jokey comparison to hacker attack code has some grounding in reality. The recovery time for affected organizations could be weeks or longer, roughly similar to the amount of time it takes a large organization to rebuild its network after a ransomware attack, cybersecurity experts said.</p><p>The biggest challenge in bringing the computers back online is that CrowdStrike’s fix needs to be applied manually, computer by computer, by someone with administrative privileges — an exceptionally time-consuming process and particularly difficult in an era of remote work.</p><p>Michael Henry, co-founder and chairman of Plano, Texas-based cybersecurity services firm Accelerynt Inc., says one customer, a large US retailer, had to call in its entire IT staff and had them working round the clock updating some 6,000 affected computers by hand. The company expected it to take all weekend to restore critical systems, he said, and as much as three weeks before all systems are fully back online.</p><p>“It’s crazy. They’re triaging, they’re focusing on critical systems first,” Henry said. “It’s a retail operation, so they’re making sure the stores can come back up.”</p><p>Henry has a question that many people are asking in the wake of the outage: How did this happen?</p><p>“CrowdStrike has done more to disrupt global business than all the ransomware operators combined,” he said. “This is a demonstration of how much risk we’re carrying with this software that we’ve deployed to protect ourselves: If these guys get it wrong, they can take your business down.”</p><p>In a statement issued late Friday, Kurtz said: “As this incident is resolved, you have my commitment to provide full transparency on how this occurred and the steps we’re taking to prevent anything like this from happening again. We are working on a technical update and root cause analysis that we will share with everyone as well.”</p><p>Cybersecurity and legal experts say CrowdStrike is almost certain to be hit with lawsuits, financial costs and other penalties. The incident is also sure to spark a fresh conversation about the increasing concentration of power — and risk — in the hands of a few cybersecurity companies.</p><p>By Silicon Valley standards, the cybersecurity industry is relatively young, one that came of age in the era of worms and floppy-disk viruses and which two decades ago was dominated by two companies – Symantec and McAfee – whose antivirus products were focused on a strategy that now seems quaint, writing “signatures” to block known malware strains.</p><p>Today, attackers have gotten more advanced, and traditional antivirus software has fallen out of favor, ushering those legacy security makers off the stage. In their place, there’s demand for products that can detect a range of threats on PCs and automate the remediation of them.</p><p>The problem is that these technologies are largely controlled by Microsoft and CrowdStrike. Some experts, including Justin Cappos, a computer science professor at New York University, said he’s been warning that that consolidation in the security industry— and centralized decision-making that comes with it — can lead to big problems, a debate that’s happened elsewhere in tech.</p><p>“Big companies make big mistakes in the tech space,” he said in an interview. “A lot of the really bad security designs that we’ve seen have come out of efforts by major companies.”</p></body></html>","source":"lsy1584095487587","collect":0,"html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>How a Routine CrowdStrike Update Crashed the World’s Computers</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nHow a Routine CrowdStrike Update Crashed the World’s Computers\n</h2>\n\n<h4 class=\"meta\">\n\n\n2024-07-20 08:42 GMT+8 <a href=https://www.bloomberg.com/news/features/2024-07-19/crowdstrike-outage-reveals-global-it-fragility-leaving-airports-banks-paralyzed?srnd=homepage-asia><strong>Bloomberg</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>A tiny file ricocheted around the globe, exposing the global IT network’s fragility and the risks of industry consolidation. When Brendan Delaney, a doctor with the UK’s National Health Service, ...</p>\n\n<a href=\"https://www.bloomberg.com/news/features/2024-07-19/crowdstrike-outage-reveals-global-it-fragility-leaving-airports-banks-paralyzed?srnd=homepage-asia\">Web Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","type":0,"thumbnail":"","relate_stocks":{"CRWD":"CrowdStrike Holdings, Inc.","MSFT":"微软"},"source_url":"https://www.bloomberg.com/news/features/2024-07-19/crowdstrike-outage-reveals-global-it-fragility-leaving-airports-banks-paralyzed?srnd=homepage-asia","is_english":true,"share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","article_id":"1190305273","content_text":"A tiny file ricocheted around the globe, exposing the global IT network’s fragility and the risks of industry consolidation. When Brendan Delaney, a doctor with the UK’s National Health Service, turned up at his London clinic on Friday, he was expecting a busy day seeing patients.It had been two months since a devastating cyberattack had affected hospitals and clinics in southeast London. And doctors like Delaney, who’s also a professor at Imperial College London, were finally beginning to feel a return to normalcy. They could send off urgent blood tests again, and cybersecurity experts were making progress repairing and replacing information technology systems that had previously been shut down by a criminal hacker gang.But just as he arrived, he saw the receptionist hurriedly gathering paper notepads and hunting for a business continuity plan. A system that doctors across England use to view patient records was suddenly not working.This time the problem was not a ransomware gang. It was a company set up to protect people from hackers. CrowdStrike Holdings Inc., one of the biggest makers of cybersecurity software, had pushed out a flawed update and set off a global IT meltdown, crippling airports, banks, stock exchanges and businesses around the world.Incredibly, a tiny file — big enough to hold only a single web page image, according to experts — was responsible for the world’s biggest IT outage. Called “C-00000291*.sys,” it was buried in an update for CrowdStrike’s Falcon sensor product. The bad file caused an error in Microsoft Corp.’s Windows operating system, rendering computers inoperable and triggering the dreaded “blue screen of death.”The incident exposed fragility in the global IT system on an unprecedented scale and highlighted the dangers of so many organizations and individuals becoming dependent on a handful of tech companies. If one of them has an outage or gets hacked, the fallout can ripple through wide swaths of the global economy. Microsoft dominates the personal computing business with its Windows operating system, while CrowdStrike has become the go-to vendor for thousands of companies and organizations looking to protect their most important systems from cyberattacks.After Microsoft, CrowdStrike is the second-biggest maker of “modern endpoint protection” software and controls 18% of the $12.6 billion market, according to research firm IDC. The Austin-based company sells its products to 29,000 organizations around the world, so the outage likely affected millions of computers that could take weeks or longer to bring back online because they must be repaired manually.“It’s a real mess,” said Saif Abed, a former NHS doctor and expert in cybersecurity and public health. “Crowdstrike has affected Microsoft, and the entire NHS is reliant on Microsoft. It’s a domino effect of potential failings.”As the outages spread from Asia and Australia across Europe and to the US on Friday, George Kurtz, CrowdStrike’s co-founder and chief executive officer, apologized for the error. “This is not a security incident or cyberattack,” he said. “The issue has been identified, isolated, and a fix has been deployed.”Kurtz didn’t specify how the flaw got into the update. But some longstanding critics of his industry already have a working theory. They say CrowdStrike and other cybersecurity companies have sacrificed basic, boring security principles while chasing bigger profits and trying to appease shareholders.“It’s time for the industry to grow up and maybe slow down a bit,” said Federico “Fede” Charosky, founder and CEO of Edinburgh-based security services firm Quorum Cyber. “Some developer somewhere made a change and there was no analysis of what impact that change would have. There’s clearly a lack of quality assurance and testing and taking shortcuts in pursuit of speed. What this shows is that we’re delusional in our complete trust in the technologies that are so intrinsic to running everything.”What happened on Friday is exceedingly rare, but CrowdStrike’s Kurtz has been here before. Back in 2010, he was the chief technology officer at antivirus software pioneer McAfee. In April of that year, McAfee published an update that mistakenly labeled a legitimate Windows file as infected and paralyzed computers at hospitals, schools and government agencies around the world.The company yanked the flawed update just 16 minutes later, but by then it had been installed on computers at more than 1,600 customers, according to Dave DeWalt, who was McAfee’s CEO at the time and now runs a cybersecurity-focused venture capital firm. “We lost about 40% of our market capitalization that day,” DeWalt said in an interview, adding that the company sent close to 4,000 employees on planes to help affected customers recover from the incident.McAfee ultimately recovered from the crisis, but employees at the time described it as extremely traumatic and humbling. Four months later, Intel Corp. announced that it was buying the company.Cyber industry observers wonder if CrowdStrike will learn from its own mistake. Already some are saying the company had been asking for trouble. For years, CrowdStrike has attacked Microsoft for allowing hackers to penetrate its systems, and Kurtz has used those lapses as a selling point for his own products.Shortly after the US government released a report taking Microsoft to task for a “cascade of security failures,” Kurtz pounced, citing its findings to investors on an earnings call and saying Microsoft’s issues prompted an “outpouring of requests” from potential customers. “There’s a widespread crisis of confidence among security and IT teams within the Microsoft security customer base,” he said.“CrowdStrike has tried to bash Microsoft as much as they could and they were trying to profit from it,” Charosky said. “But nobody escapes when your company is such a massive part of the world’s infrastructure. This is karma. When a company graduates from being a startup to being critical national infrastructure, it needs to behave differently, and I don’t know if CrowdStrike has gone through that transition.”Some online commentators have described CrowdStrike’s flawed update as the “malware of the year,” owing to the level of destruction it has wrought. The jokey comparison to hacker attack code has some grounding in reality. The recovery time for affected organizations could be weeks or longer, roughly similar to the amount of time it takes a large organization to rebuild its network after a ransomware attack, cybersecurity experts said.The biggest challenge in bringing the computers back online is that CrowdStrike’s fix needs to be applied manually, computer by computer, by someone with administrative privileges — an exceptionally time-consuming process and particularly difficult in an era of remote work.Michael Henry, co-founder and chairman of Plano, Texas-based cybersecurity services firm Accelerynt Inc., says one customer, a large US retailer, had to call in its entire IT staff and had them working round the clock updating some 6,000 affected computers by hand. The company expected it to take all weekend to restore critical systems, he said, and as much as three weeks before all systems are fully back online.“It’s crazy. They’re triaging, they’re focusing on critical systems first,” Henry said. “It’s a retail operation, so they’re making sure the stores can come back up.”Henry has a question that many people are asking in the wake of the outage: How did this happen?“CrowdStrike has done more to disrupt global business than all the ransomware operators combined,” he said. “This is a demonstration of how much risk we’re carrying with this software that we’ve deployed to protect ourselves: If these guys get it wrong, they can take your business down.”In a statement issued late Friday, Kurtz said: “As this incident is resolved, you have my commitment to provide full transparency on how this occurred and the steps we’re taking to prevent anything like this from happening again. We are working on a technical update and root cause analysis that we will share with everyone as well.”Cybersecurity and legal experts say CrowdStrike is almost certain to be hit with lawsuits, financial costs and other penalties. The incident is also sure to spark a fresh conversation about the increasing concentration of power — and risk — in the hands of a few cybersecurity companies.By Silicon Valley standards, the cybersecurity industry is relatively young, one that came of age in the era of worms and floppy-disk viruses and which two decades ago was dominated by two companies – Symantec and McAfee – whose antivirus products were focused on a strategy that now seems quaint, writing “signatures” to block known malware strains.Today, attackers have gotten more advanced, and traditional antivirus software has fallen out of favor, ushering those legacy security makers off the stage. In their place, there’s demand for products that can detect a range of threats on PCs and automate the remediation of them.The problem is that these technologies are largely controlled by Microsoft and CrowdStrike. Some experts, including Justin Cappos, a computer science professor at New York University, said he’s been warning that that consolidation in the security industry— and centralized decision-making that comes with it — can lead to big problems, a debate that’s happened elsewhere in tech.“Big companies make big mistakes in the tech space,” he said in an interview. “A lot of the really bad security designs that we’ve seen have come out of efforts by major companies.”","news_type":1},"isVote":1,"tweetType":1,"viewCount":170,"authorTweetTopStatus":1,"verified":2,"comments":[],"imageCount":0,"langContent":"EN","totalScore":0},{"id":267218662285592,"gmtCreate":1706249022262,"gmtModify":1706249677777,"author":{"id":"4100596459110660","authorId":"4100596459110660","name":"TSW13","avatar":"https://static.laohu8.com/default-avatar.jpg","crmLevel":2,"crmLevelSwitch":0,"followedFlag":false,"idStr":"4100596459110660","authorIdStr":"4100596459110660"},"themes":[],"htmlText":"See","listText":"See","text":"See","images":[],"top":1,"highlighted":1,"essential":1,"paper":1,"likeSize":0,"commentSize":0,"repostSize":0,"link":"https://ttm.financial/post/267218662285592","repostId":"1181182972","repostType":4,"isVote":1,"tweetType":1,"viewCount":200,"authorTweetTopStatus":1,"verified":2,"comments":[],"imageCount":0,"langContent":"EN","totalScore":0}],"hots":[{"id":329483292217512,"gmtCreate":1721446024509,"gmtModify":1721449632544,"author":{"id":"4100596459110660","authorId":"4100596459110660","name":"TSW13","avatar":"https://static.laohu8.com/default-avatar.jpg","crmLevel":2,"crmLevelSwitch":0,"followedFlag":false,"idStr":"4100596459110660","authorIdStr":"4100596459110660"},"themes":[],"htmlText":"Share your opinion about this news…","listText":"Share your opinion about this news…","text":"Share your opinion about this news…","images":[],"top":1,"highlighted":1,"essential":1,"paper":1,"likeSize":2,"commentSize":0,"repostSize":0,"link":"https://ttm.financial/post/329483292217512","repostId":"1190305273","repostType":4,"repost":{"id":"1190305273","kind":"news","pubTimestamp":1721436163,"share":"https://ttm.financial/m/news/1190305273?lang=&edition=fundamental","pubTime":"2024-07-20 08:42","market":"us","language":"en","title":"How a Routine CrowdStrike Update Crashed the World’s Computers","url":"https://stock-news.laohu8.com/highlight/detail?id=1190305273","media":"Bloomberg","summary":"A tiny file ricochetedaround the globe, exposing the global IT network’s fragility and the risks of industry consolidation.When Brendan Delaney, a doctor with the UK’s National Health Service, turned ","content":"<html><head></head><body><ul style=\"\"><li><p>A tiny file ricocheted around the globe, exposing the global IT network’s fragility and the risks of industry consolidation. </p></li></ul><p>When Brendan Delaney, a doctor with the UK’s National Health Service, turned up at his London clinic on Friday, he was expecting a busy day seeing patients.</p><p style=\"text-align: start;\">It had been two months since a devastating cyberattack had affected hospitals and clinics in southeast London. And doctors like Delaney, who’s also a professor at Imperial College London, were finally beginning to feel a return to normalcy. They could send off urgent blood tests again, and cybersecurity experts were making progress repairing and replacing information technology systems that had previously been shut down by a criminal hacker gang.</p><p style=\"text-align: start;\">But just as he arrived, he saw the receptionist hurriedly gathering paper notepads and hunting for a business continuity plan. A system that doctors across England use to view patient records was suddenly not working.</p><p style=\"text-align: start;\">This time the problem was not a ransomware gang. It was a company set up to protect people from hackers. CrowdStrike Holdings Inc., one of the biggest makers of cybersecurity software, had pushed out a flawed update and set off a global IT meltdown, crippling airports, banks, stock exchanges and businesses around the world.</p><p>Incredibly, a tiny file — big enough to hold only a single web page image, according to experts — was responsible for the world’s biggest IT outage. Called “C-00000291*.sys,” it was buried in an update for CrowdStrike’s Falcon sensor product. The bad file caused an error in Microsoft Corp.’s Windows operating system, rendering computers inoperable and triggering the dreaded “blue screen of death.”</p><p>The incident exposed fragility in the global IT system on an unprecedented scale and highlighted the dangers of so many organizations and individuals becoming dependent on a handful of tech companies. If one of them has an outage or gets hacked, the fallout can ripple through wide swaths of the global economy. Microsoft dominates the personal computing business with its Windows operating system, while CrowdStrike has become the go-to vendor for thousands of companies and organizations looking to protect their most important systems from cyberattacks.</p><p>After Microsoft, CrowdStrike is the second-biggest maker of “modern endpoint protection” software and controls 18% of the $12.6 billion market, according to research firm IDC. The Austin-based company sells its products to 29,000 organizations around the world, so the outage likely affected millions of computers that could take weeks or longer to bring back online because they must be repaired manually.</p><p>“It’s a real mess,” said Saif Abed, a former NHS doctor and expert in cybersecurity and public health. “Crowdstrike has affected Microsoft, and the entire NHS is reliant on Microsoft. It’s a domino effect of potential failings.”</p><p>As the outages spread from Asia and Australia across Europe and to the US on Friday, George Kurtz, CrowdStrike’s co-founder and chief executive officer, apologized for the error. “This is not a security incident or cyberattack,” he said. “The issue has been identified, isolated, and a fix has been deployed.”</p><p>Kurtz didn’t specify how the flaw got into the update. But some longstanding critics of his industry already have a working theory. They say CrowdStrike and other cybersecurity companies have sacrificed basic, boring security principles while chasing bigger profits and trying to appease shareholders.</p><p>“It’s time for the industry to grow up and maybe slow down a bit,” said Federico “Fede” Charosky, founder and CEO of Edinburgh-based security services firm Quorum Cyber. “Some developer somewhere made a change and there was no analysis of what impact that change would have. There’s clearly a lack of quality assurance and testing and taking shortcuts in pursuit of speed. What this shows is that we’re delusional in our complete trust in the technologies that are so intrinsic to running everything.”</p><p>What happened on Friday is exceedingly rare, but CrowdStrike’s Kurtz has been here before. Back in 2010, he was the chief technology officer at antivirus software pioneer McAfee. In April of that year, McAfee published an update that mistakenly labeled a legitimate Windows file as infected and paralyzed computers at hospitals, schools and government agencies around the world.</p><p>The company yanked the flawed update just 16 minutes later, but by then it had been installed on computers at more than 1,600 customers, according to Dave DeWalt, who was McAfee’s CEO at the time and now runs a cybersecurity-focused venture capital firm. “We lost about 40% of our market capitalization that day,” DeWalt said in an interview, adding that the company sent close to 4,000 employees on planes to help affected customers recover from the incident.</p><p>McAfee ultimately recovered from the crisis, but employees at the time described it as extremely traumatic and humbling. Four months later, Intel Corp. announced that it was buying the company.</p><p>Cyber industry observers wonder if CrowdStrike will learn from its own mistake. Already some are saying the company had been asking for trouble. For years, CrowdStrike has attacked Microsoft for allowing hackers to penetrate its systems, and Kurtz has used those lapses as a selling point for his own products.</p><p>Shortly after the US government released a report taking Microsoft to task for a “cascade of security failures,” Kurtz pounced, citing its findings to investors on an earnings call and saying Microsoft’s issues prompted an “outpouring of requests” from potential customers. “There’s a widespread crisis of confidence among security and IT teams within the Microsoft security customer base,” he said.</p><p>“CrowdStrike has tried to bash Microsoft as much as they could and they were trying to profit from it,” Charosky said. “But nobody escapes when your company is such a massive part of the world’s infrastructure. This is karma. When a company graduates from being a startup to being critical national infrastructure, it needs to behave differently, and I don’t know if CrowdStrike has gone through that transition.”</p><p>Some online commentators have described CrowdStrike’s flawed update as the “malware of the year,” owing to the level of destruction it has wrought. The jokey comparison to hacker attack code has some grounding in reality. The recovery time for affected organizations could be weeks or longer, roughly similar to the amount of time it takes a large organization to rebuild its network after a ransomware attack, cybersecurity experts said.</p><p>The biggest challenge in bringing the computers back online is that CrowdStrike’s fix needs to be applied manually, computer by computer, by someone with administrative privileges — an exceptionally time-consuming process and particularly difficult in an era of remote work.</p><p>Michael Henry, co-founder and chairman of Plano, Texas-based cybersecurity services firm Accelerynt Inc., says one customer, a large US retailer, had to call in its entire IT staff and had them working round the clock updating some 6,000 affected computers by hand. The company expected it to take all weekend to restore critical systems, he said, and as much as three weeks before all systems are fully back online.</p><p>“It’s crazy. They’re triaging, they’re focusing on critical systems first,” Henry said. “It’s a retail operation, so they’re making sure the stores can come back up.”</p><p>Henry has a question that many people are asking in the wake of the outage: How did this happen?</p><p>“CrowdStrike has done more to disrupt global business than all the ransomware operators combined,” he said. “This is a demonstration of how much risk we’re carrying with this software that we’ve deployed to protect ourselves: If these guys get it wrong, they can take your business down.”</p><p>In a statement issued late Friday, Kurtz said: “As this incident is resolved, you have my commitment to provide full transparency on how this occurred and the steps we’re taking to prevent anything like this from happening again. We are working on a technical update and root cause analysis that we will share with everyone as well.”</p><p>Cybersecurity and legal experts say CrowdStrike is almost certain to be hit with lawsuits, financial costs and other penalties. The incident is also sure to spark a fresh conversation about the increasing concentration of power — and risk — in the hands of a few cybersecurity companies.</p><p>By Silicon Valley standards, the cybersecurity industry is relatively young, one that came of age in the era of worms and floppy-disk viruses and which two decades ago was dominated by two companies – Symantec and McAfee – whose antivirus products were focused on a strategy that now seems quaint, writing “signatures” to block known malware strains.</p><p>Today, attackers have gotten more advanced, and traditional antivirus software has fallen out of favor, ushering those legacy security makers off the stage. In their place, there’s demand for products that can detect a range of threats on PCs and automate the remediation of them.</p><p>The problem is that these technologies are largely controlled by Microsoft and CrowdStrike. Some experts, including Justin Cappos, a computer science professor at New York University, said he’s been warning that that consolidation in the security industry— and centralized decision-making that comes with it — can lead to big problems, a debate that’s happened elsewhere in tech.</p><p>“Big companies make big mistakes in the tech space,” he said in an interview. “A lot of the really bad security designs that we’ve seen have come out of efforts by major companies.”</p></body></html>","source":"lsy1584095487587","collect":0,"html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>How a Routine CrowdStrike Update Crashed the World’s Computers</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nHow a Routine CrowdStrike Update Crashed the World’s Computers\n</h2>\n\n<h4 class=\"meta\">\n\n\n2024-07-20 08:42 GMT+8 <a href=https://www.bloomberg.com/news/features/2024-07-19/crowdstrike-outage-reveals-global-it-fragility-leaving-airports-banks-paralyzed?srnd=homepage-asia><strong>Bloomberg</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>A tiny file ricocheted around the globe, exposing the global IT network’s fragility and the risks of industry consolidation. When Brendan Delaney, a doctor with the UK’s National Health Service, ...</p>\n\n<a href=\"https://www.bloomberg.com/news/features/2024-07-19/crowdstrike-outage-reveals-global-it-fragility-leaving-airports-banks-paralyzed?srnd=homepage-asia\">Web Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","type":0,"thumbnail":"","relate_stocks":{"CRWD":"CrowdStrike Holdings, Inc.","MSFT":"微软"},"source_url":"https://www.bloomberg.com/news/features/2024-07-19/crowdstrike-outage-reveals-global-it-fragility-leaving-airports-banks-paralyzed?srnd=homepage-asia","is_english":true,"share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","article_id":"1190305273","content_text":"A tiny file ricocheted around the globe, exposing the global IT network’s fragility and the risks of industry consolidation. When Brendan Delaney, a doctor with the UK’s National Health Service, turned up at his London clinic on Friday, he was expecting a busy day seeing patients.It had been two months since a devastating cyberattack had affected hospitals and clinics in southeast London. And doctors like Delaney, who’s also a professor at Imperial College London, were finally beginning to feel a return to normalcy. They could send off urgent blood tests again, and cybersecurity experts were making progress repairing and replacing information technology systems that had previously been shut down by a criminal hacker gang.But just as he arrived, he saw the receptionist hurriedly gathering paper notepads and hunting for a business continuity plan. A system that doctors across England use to view patient records was suddenly not working.This time the problem was not a ransomware gang. It was a company set up to protect people from hackers. CrowdStrike Holdings Inc., one of the biggest makers of cybersecurity software, had pushed out a flawed update and set off a global IT meltdown, crippling airports, banks, stock exchanges and businesses around the world.Incredibly, a tiny file — big enough to hold only a single web page image, according to experts — was responsible for the world’s biggest IT outage. Called “C-00000291*.sys,” it was buried in an update for CrowdStrike’s Falcon sensor product. The bad file caused an error in Microsoft Corp.’s Windows operating system, rendering computers inoperable and triggering the dreaded “blue screen of death.”The incident exposed fragility in the global IT system on an unprecedented scale and highlighted the dangers of so many organizations and individuals becoming dependent on a handful of tech companies. If one of them has an outage or gets hacked, the fallout can ripple through wide swaths of the global economy. Microsoft dominates the personal computing business with its Windows operating system, while CrowdStrike has become the go-to vendor for thousands of companies and organizations looking to protect their most important systems from cyberattacks.After Microsoft, CrowdStrike is the second-biggest maker of “modern endpoint protection” software and controls 18% of the $12.6 billion market, according to research firm IDC. The Austin-based company sells its products to 29,000 organizations around the world, so the outage likely affected millions of computers that could take weeks or longer to bring back online because they must be repaired manually.“It’s a real mess,” said Saif Abed, a former NHS doctor and expert in cybersecurity and public health. “Crowdstrike has affected Microsoft, and the entire NHS is reliant on Microsoft. It’s a domino effect of potential failings.”As the outages spread from Asia and Australia across Europe and to the US on Friday, George Kurtz, CrowdStrike’s co-founder and chief executive officer, apologized for the error. “This is not a security incident or cyberattack,” he said. “The issue has been identified, isolated, and a fix has been deployed.”Kurtz didn’t specify how the flaw got into the update. But some longstanding critics of his industry already have a working theory. They say CrowdStrike and other cybersecurity companies have sacrificed basic, boring security principles while chasing bigger profits and trying to appease shareholders.“It’s time for the industry to grow up and maybe slow down a bit,” said Federico “Fede” Charosky, founder and CEO of Edinburgh-based security services firm Quorum Cyber. “Some developer somewhere made a change and there was no analysis of what impact that change would have. There’s clearly a lack of quality assurance and testing and taking shortcuts in pursuit of speed. What this shows is that we’re delusional in our complete trust in the technologies that are so intrinsic to running everything.”What happened on Friday is exceedingly rare, but CrowdStrike’s Kurtz has been here before. Back in 2010, he was the chief technology officer at antivirus software pioneer McAfee. In April of that year, McAfee published an update that mistakenly labeled a legitimate Windows file as infected and paralyzed computers at hospitals, schools and government agencies around the world.The company yanked the flawed update just 16 minutes later, but by then it had been installed on computers at more than 1,600 customers, according to Dave DeWalt, who was McAfee’s CEO at the time and now runs a cybersecurity-focused venture capital firm. “We lost about 40% of our market capitalization that day,” DeWalt said in an interview, adding that the company sent close to 4,000 employees on planes to help affected customers recover from the incident.McAfee ultimately recovered from the crisis, but employees at the time described it as extremely traumatic and humbling. Four months later, Intel Corp. announced that it was buying the company.Cyber industry observers wonder if CrowdStrike will learn from its own mistake. Already some are saying the company had been asking for trouble. For years, CrowdStrike has attacked Microsoft for allowing hackers to penetrate its systems, and Kurtz has used those lapses as a selling point for his own products.Shortly after the US government released a report taking Microsoft to task for a “cascade of security failures,” Kurtz pounced, citing its findings to investors on an earnings call and saying Microsoft’s issues prompted an “outpouring of requests” from potential customers. “There’s a widespread crisis of confidence among security and IT teams within the Microsoft security customer base,” he said.“CrowdStrike has tried to bash Microsoft as much as they could and they were trying to profit from it,” Charosky said. “But nobody escapes when your company is such a massive part of the world’s infrastructure. This is karma. When a company graduates from being a startup to being critical national infrastructure, it needs to behave differently, and I don’t know if CrowdStrike has gone through that transition.”Some online commentators have described CrowdStrike’s flawed update as the “malware of the year,” owing to the level of destruction it has wrought. The jokey comparison to hacker attack code has some grounding in reality. The recovery time for affected organizations could be weeks or longer, roughly similar to the amount of time it takes a large organization to rebuild its network after a ransomware attack, cybersecurity experts said.The biggest challenge in bringing the computers back online is that CrowdStrike’s fix needs to be applied manually, computer by computer, by someone with administrative privileges — an exceptionally time-consuming process and particularly difficult in an era of remote work.Michael Henry, co-founder and chairman of Plano, Texas-based cybersecurity services firm Accelerynt Inc., says one customer, a large US retailer, had to call in its entire IT staff and had them working round the clock updating some 6,000 affected computers by hand. The company expected it to take all weekend to restore critical systems, he said, and as much as three weeks before all systems are fully back online.“It’s crazy. They’re triaging, they’re focusing on critical systems first,” Henry said. “It’s a retail operation, so they’re making sure the stores can come back up.”Henry has a question that many people are asking in the wake of the outage: How did this happen?“CrowdStrike has done more to disrupt global business than all the ransomware operators combined,” he said. “This is a demonstration of how much risk we’re carrying with this software that we’ve deployed to protect ourselves: If these guys get it wrong, they can take your business down.”In a statement issued late Friday, Kurtz said: “As this incident is resolved, you have my commitment to provide full transparency on how this occurred and the steps we’re taking to prevent anything like this from happening again. We are working on a technical update and root cause analysis that we will share with everyone as well.”Cybersecurity and legal experts say CrowdStrike is almost certain to be hit with lawsuits, financial costs and other penalties. The incident is also sure to spark a fresh conversation about the increasing concentration of power — and risk — in the hands of a few cybersecurity companies.By Silicon Valley standards, the cybersecurity industry is relatively young, one that came of age in the era of worms and floppy-disk viruses and which two decades ago was dominated by two companies – Symantec and McAfee – whose antivirus products were focused on a strategy that now seems quaint, writing “signatures” to block known malware strains.Today, attackers have gotten more advanced, and traditional antivirus software has fallen out of favor, ushering those legacy security makers off the stage. In their place, there’s demand for products that can detect a range of threats on PCs and automate the remediation of them.The problem is that these technologies are largely controlled by Microsoft and CrowdStrike. Some experts, including Justin Cappos, a computer science professor at New York University, said he’s been warning that that consolidation in the security industry— and centralized decision-making that comes with it — can lead to big problems, a debate that’s happened elsewhere in tech.“Big companies make big mistakes in the tech space,” he said in an interview. “A lot of the really bad security designs that we’ve seen have come out of efforts by major companies.”","news_type":1},"isVote":1,"tweetType":1,"viewCount":170,"authorTweetTopStatus":1,"verified":2,"comments":[],"imageCount":0,"langContent":"EN","totalScore":0},{"id":267218662285592,"gmtCreate":1706249022262,"gmtModify":1706249677777,"author":{"id":"4100596459110660","authorId":"4100596459110660","name":"TSW13","avatar":"https://static.laohu8.com/default-avatar.jpg","crmLevel":2,"crmLevelSwitch":0,"followedFlag":false,"idStr":"4100596459110660","authorIdStr":"4100596459110660"},"themes":[],"htmlText":"See","listText":"See","text":"See","images":[],"top":1,"highlighted":1,"essential":1,"paper":1,"likeSize":0,"commentSize":0,"repostSize":0,"link":"https://ttm.financial/post/267218662285592","repostId":"1181182972","repostType":4,"repost":{"id":"1181182972","kind":"news","pubTimestamp":1706231966,"share":"https://ttm.financial/m/news/1181182972?lang=&edition=fundamental","pubTime":"2024-01-26 09:19","market":"sg","language":"en","title":"Singapore Home Rents Fall for First Time in Over Three Years","url":"https://stock-news.laohu8.com/highlight/detail?id=1181182972","media":"Bloomberg","summary":"Singapore rents dropped for the first time in more than three years on the back of increased housing supply and expectations for an economic slowdown.An index of rents for private homes in the financi","content":"<html><head></head><body><p>Singapore rents dropped for the first time in more than three years on the back of increased housing supply and expectations for an economic slowdown.</p><p style=\"text-align: start;\">An index of rents for private homes in the financial hub fell 2.1% in the fourth quarter compared with a 0.8% rise in the previous three months. That’s the first decline since the third quarter of 2020, according to figures published Friday by the Urban Redevelopment Authority.</p><p style=\"text-align: start;\">“With the increased competition, landlords are more willing to accept lower prices, especially for luxury segments,” said Christine Sun, chief researcher and strategist at real estate agency OrangeTee Group. Tenants are also more open to looking for cheaper options in suburban areas, she added.</p><p class=\"t-img-caption\"><img src=\"https://static.tigerbbs.com/54e85b1bc36a19195dd39a5d8df5520d\" tg-width=\"924\" tg-height=\"645\"/></p><p>The decrease is expected to bring some relief to tenants who saw leases surge 30% in 2022 alone. An influx of wealth during the pandemic helped the city-state defy a downturn seen in other hubs like Hong Kong, but also triggered local discontent and ensuing government cooling measures.</p><p>Despite the latest cooldown, private residential rents still grew 8.7% last year.</p><p style=\"text-align: start;\">Local demand for buying has also propped up home prices, which rose 2.8% in the fourth quarter from the previous three months, bringing the annual increase to 6.8%, according to data on Friday.</p></body></html>","source":"lsy1584095487587","collect":0,"html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>Singapore Home Rents Fall for First Time in Over Three Years</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nSingapore Home Rents Fall for First Time in Over Three Years\n</h2>\n\n<h4 class=\"meta\">\n\n\n2024-01-26 09:19 GMT+8 <a href=https://www.bloomberg.com/news/articles/2024-01-26/singapore-home-rents-fall-for-first-time-in-over-three-years?srnd=premium><strong>Bloomberg</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>Singapore rents dropped for the first time in more than three years on the back of increased housing supply and expectations for an economic slowdown.An index of rents for private homes in the ...</p>\n\n<a href=\"https://www.bloomberg.com/news/articles/2024-01-26/singapore-home-rents-fall-for-first-time-in-over-three-years?srnd=premium\">Web Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","type":0,"thumbnail":"","relate_stocks":{"STI.SI":"富时新加坡海峡指数"},"source_url":"https://www.bloomberg.com/news/articles/2024-01-26/singapore-home-rents-fall-for-first-time-in-over-three-years?srnd=premium","is_english":true,"share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","article_id":"1181182972","content_text":"Singapore rents dropped for the first time in more than three years on the back of increased housing supply and expectations for an economic slowdown.An index of rents for private homes in the financial hub fell 2.1% in the fourth quarter compared with a 0.8% rise in the previous three months. That’s the first decline since the third quarter of 2020, according to figures published Friday by the Urban Redevelopment Authority.“With the increased competition, landlords are more willing to accept lower prices, especially for luxury segments,” said Christine Sun, chief researcher and strategist at real estate agency OrangeTee Group. Tenants are also more open to looking for cheaper options in suburban areas, she added.The decrease is expected to bring some relief to tenants who saw leases surge 30% in 2022 alone. An influx of wealth during the pandemic helped the city-state defy a downturn seen in other hubs like Hong Kong, but also triggered local discontent and ensuing government cooling measures.Despite the latest cooldown, private residential rents still grew 8.7% last year.Local demand for buying has also propped up home prices, which rose 2.8% in the fourth quarter from the previous three months, bringing the annual increase to 6.8%, according to data on Friday.","news_type":1},"isVote":1,"tweetType":1,"viewCount":200,"authorTweetTopStatus":1,"verified":2,"comments":[],"imageCount":0,"langContent":"EN","totalScore":0}],"lives":[]}