You might have seen the recent news about a global shutdown of businesses and heard the words “CrowdStrike” and “Cyber Risk” sprinkled here and there. You are probably wondering what they are and what on earth they had to do with your flight being canceled or delayed, especially if you were in the US, China, or some European countries.
Well, I’m going to share with you the deets. The problem was indeed beyond your airline company. It was beyond your Windows software. It was beyond your hospital network. It was a CrowdStrike effect!
CrowdStrike, one of the low-key big players in the cybersecurity industry, just experienced a global outage yesterday that left users worldwide scrambling. While the incident has been resolved, it serves as a stark reminder of the importance of greater awareness of cyber risk management and the need for robust network security in tech platforms.
Let’s dial back and look critically at the incident, shall we?
On Friday, 19th of July 2024, CrowdStrike’s platform went down, causing widespread disruptions for users worldwide. The outage was speculated to stem from a technical issue related to an unreviewed software update, which caused Windows to crash due to a fault in how CrowdStrike’s software interacted with Windows, resulting in the “blue screen of death” error screen.
One Twitter user hinted at being the cause of the update that led to the network shutdown. Whether this is true or mere internet trolling is undisclosed.
Apparently, Vincent (above) is not the only suspect. Our sources gathered that there might be another intern responsible for the internet brouhaha. He’s currently reported to be on the run! See here for evidence 😅.
While many online users took to social media to rant and share memes, the tech and legal teams at CrowdStrike had their hands full on a Friday, obviously canceling any thought of weekend plans to work on resolving the issue and to mitigate the impending mass insurance and legal suit haggling around the company. The CEOs of Microsoft and CrowdStrike also had to give public statements to tame the chaos.
The saddening fact about this event is that it’s not a once-in-a-lifetime occurrence. Lately, it seems to have become a norm to see big data companies suffer global impact because of one or two update issues. We’ve seen the same issues with Amazon, Twitter, and Facebook in the recent past. The routine nature of relying on only dominant cloud providers has been observed to cause drastic global disasters.
A Layman’s Technical Breakdown
The real culprit of this network failure was related to CrowdStrike’s Falcon platform, a tool used by IT teams to monitor activity on a device and help defend against cyber attacks. As an “endpoint security” firm, CrowdStrike’s software requires deep access to a computer’s operating system to scan for threats.
The outage impacted Virtual Machines running Windows Client and Windows Server with the CrowdStrike Falcon agent, causing a bug check (BSOD) and a restarting state. Microsoft confirmed the issue and stated that the affected update had been pulled by CrowdStrike.
A Global Take-Down; The Largest IT Outage in History
The outage had a far-reaching impact on various industries, including banking, airlines, and software companies. According to NBC News, the outage affected several major banks, airlines, hospitals, broadcasting media companies, railways, and many other commercial businesses, causing disruptions to their services.
Sky News, for instance, was unable to broadcast live for a time. The London Stock Exchange also reported issues with one of its information services, and financial regulators and likely other financial institutions were affected.
To mitigate the impact, these companies had to:
- Reverse the update and revert to manual processes
- Work offline pending a new update that would fix the issue
The Legal Impact
The software glitch may have legal implications for CrowdStrike, as users may claim damages for losses incurred during the downtime. This incident highlights the importance of having robust service level agreements (SLAs) in place to mitigate legal risks.
The Financial Impact
The outage had a significant financial impact on CrowdStrike, with its stock price plummeting by 12% in the hours following the incident. According to reports by CNBC, the company’s market capitalization dropped by over $1 billion.
Cyber Risk Impact
The outage also raises concerns about the potential for cyber attacks on CrowdStrike’s platform. As an antivirus and cybersecurity firm, CrowdStrike is a high-value target for cybercriminals, and the incident may have exposed vulnerabilities in their system.
The Stock Performance
CrowdStrike’s stock performance has been volatile in recent days, with a significant drop in stock price following the outage. According to Yahoo Finance, the stock price dropped from $123.45 to $108.23 in the hours following the incident.
Key Takeaways
The length of the impact of this incident stems from the fact that so many companies are dependent on the dominant cloud-providing companies like Windows and CrowdStrike for so many of their devices. This centralization creates a risk both for the individual business and for the wider economy. We also see this whenever a major cloud provider has an incident in one of its services and multiple businesses suffer outages as a result.
This breakdown is largely an IT policy issue. This means there was not a step-by-step process in place to review and update software. Businesses should understand this and manage their IT concentration risk by employing experienced platform compliance and IT security engineers, so that any software update goes through the company’s approval stage and is tested before it is pushed live across the company’s products.
The CrowdStrike outage also serves as a wake-up call for the importance of cyber risk management knowledge. If large corporate companies invest in their IT personnel by prompting them to take certified courses in Cybersecurity Risk Management, network security, or compliance management, many entry-level professionals can gain the knowledge and skills to prevent cyber attacks and ensure network security in tech platforms.
Conclusion
On a closing note, cyber risk and IT security management are crucial for preventing cyber attacks and minimizing downtime during periods like these. Therefore, tech companies must prioritize network security to protect users’ data and ensure business continuity.
This is very well explained.
This is one of the best articles I’ve read on this topic. Your detailed explanations and practical advice are greatly appreciated.