The CrowdStrike Incident: A Global IT Outage Explained

Was the CrowdStrike Incident the largest ever Global IT Outage?

The scale of the disruption makes this event, which began on 18 July (according to Microsoft) or 19 July (according to CrowdStrike), the worst cyber event in history, beating the WannaCry cyber-attack in 2017, where 300,000 computers in 150 countries were affected.  The CrowdStrike issue apparently affected 8.5 million computers globally, totally dwarfing WannaCry, presuming that the numbers being quoted by the relevant bodies are accurate.

Who Are CrowdStrike?

Texas-based cybersecurity technology company, CrowdStrike, formed in 2011, provides an AI and machine learning powered, cloud-based enterprise endpoint protection platform (this could be referred to as intelligent real-time antivirus) called Falcon which is used by a wide range of businesses and organisations.  In particular it is used by larger businesses and hence it affected some of the largest businesses in the world.

What Happened to cause the CrowdStrike issue?

CrowdStrike’s Falcon sensor is a cloud-based cybersecurity program designed to protect systems from malware and other cyber threats. The trouble began with a sensor configuration update which was intended to enhance the program’s capabilities. Unfortunately, this update contained a “logic error” – a coding mistake that led to catastrophic consequences.

What was the Impact of the CrowdStrike issue?

The faulty update triggered what is known as the “Blue Screen of Death” (BSOD) on millions of Windows devices. This error rendered computers unusable, causing widespread disruption across various sectors. Airports experienced chaos, supermarket checkouts malfunctioned, and critical services like banking and healthcare were severely impacted.  A BSOD basically means that the PC or laptop cannot run any application on it; most times the computer cannot even fully turn on!

Was it Only Windows Affected by CrowdStrike?

The faulty software update only impacted Microsoft because the Falcon sensor update was designed specifically for the Microsoft Windows Operating System, and the logic error that triggered the system crashes and blue screens (BSOD) was tied to a component or function that is unique to Windows environments.

Was Microsoft at fault for the CrowdStrike issue?

Most technical people would NOT blame Microsoft in any way, shape or form for the issues that were caused by the CrowdStrike faulty update, mostly because Microsoft has created an environment where any software development company can produce software that is compatible with its Operating System.  However, because of HOW the software integrated with Microsoft’s Operating System, there is a blurry line.  In essence, the CrowdStrike application integrates so deeply that it was able to render the Microsoft software unusable.  This is, at least in part, and according to Microsoft, due to rules enforced upon it by the European Union.  These rules were apparently applied back in 2009 and were aimed at making sure that Microsoft was abiding by competition law (or anti-competitive law!).  You can find Microsoft’s statement from back in 2009 here: https://news.microsoft.com/2009/12/16/microsoft-statement-on-european-commission-decision/

The Enormous Impact of the CrowdStrike Issue

The faulty CrowdStrike software update caused disruptions across a wide variety of industries globally (and across a huge size-range of businesses), which included:

  • Airlines
  • Healthcare
  • Financial Services
  • Media and Broadcasting
  • Emergency Services
  • Retail

Many of these sectors are still experiencing effects and are expected to do so for at least another week or two.

The Response by CrowdStrike

CrowdStrike acted swiftly to address the issue. Within hours, they released a fix to stop the spread of the problem. However, the damage had already been done, and many users continued to experience issues with their devices.  This was because of the BSOD nature of the fault as described earlier in this blog post.  In essence, it meant that many of the affected machines needed to be physically visited by a technical engineer to resolve the fault, even after the release of the fix.  The incident highlighted the vulnerabilities in even the most trusted cybersecurity systems and underscored the importance of rigorous testing before deploying updates.

Lessons Learned by CrowdStrike

This incident serves as a stark reminder of the potential risks associated with software updates. It emphasizes the need for comprehensive testing and validation processes to prevent such occurrences in the future.  For businesses and individuals alike, it is a call to ensure robust backup and recovery plans are in place to mitigate the impact of unforeseen IT failures.

Moving Forward

CrowdStrike has since conducted a thorough review of the incident and implemented measures to prevent a recurrence. While the immediate crisis has been resolved, the event has left a lasting impression on the global IT community. It serves as a cautionary tale about the complexities and challenges of maintaining cybersecurity in an increasingly digital world.

What Does This Mean For Your Business? 

The catastrophic event involving CrowdStrike’s faulty software update serves as a stark reminder of the vulnerabilities that can arise from our reliance on advanced cybersecurity solutions. For businesses, this incident is a reminder of the critical importance of rigorous testing and validation processes for all software updates. It also highlights the need for robust contingency plans to ensure operational continuity in the face of unexpected system failures.  It highlights, too, that businesses really need to consider the manpower that they have allocated to their IT Department, whether internal staff or external partners.  In the event of an issue such as this, it’s imperative that you have the right people in the right roles to help your business to recover quickly, before the impact on your business is catastrophic.

How can ESP help?

ESP offers a wide range of IT Support and Consultancy services to businesses in South Yorkshire but also throughout the UK.  Drop us an email using the address at the top of this page or give us a call to find out more about how our services can help to protect your business in your hour of need!

ESP is much more than an outsourced IT Provider; we partner with your business to understand what’s important to you and to help keep you ahead of the game, both in terms of protection and in terms of your competition!