Cheap barcode scanners helped quickly restore computers damaged by CrowdStrike

Shortly after the recent massive Windows PC crash caused by CrowdStrike, Australian consulting business Grant Thornton found a handy way to quickly get rid of Blue Screens of Death (BSODs). The Register reports that one of the company’s technical specialists remembered in time that the simplest barcode scanners are perceived by PCs as keyboards.

Image source: Grant Thornton

This seemingly useless knowledge became very important when the company tried to find a solution to the problem created by CrowdStrike. At the Australian branch of Grant Thornton, hundreds of PCs and at least a hundred servers went into an endless reboot cycle. However, they were all protected using BitLocker, so the recovery process required entering a 48-character key to decrypt the partition.

If the servers were able to be restored manually, then an automation tool had to be invented for the PC. It would be too risky to openly send out BitLocker keys, and it would be very difficult to read them over the phone or dictate them in person. Therefore, the company converted the keys into barcodes that can be instantly scanned from the administrator’s laptop screen.

Image Source: PublicDomainPictures/unsplash.com

As a result, all the PCs were working by lunchtime, and it took 3-5 minutes to fix each of them, whereas in the case of servers, manual restoration took 20 minutes. Grant Thornton only regrets that it did not immediately think of using QR codes, then it would have been possible to encrypt more data in them, completely automating the recovery process. However, the company is already delighted that they got away with little loss compared to other businesses.

The large-scale failure was the result of the release of an incorrect update to the CrowdStrike security system. Microsoft itself cited the forced 2009 agreement with the European Union as the root cause of the recent large-scale failure, according to which security software developers were provided with low-level access to Windows operating systems. CrowdStrike admitted its own guilt and cited a bug in the program for testing its own updates.