What is CrowdStrike and how did global cyber outage happen?
AUGUSTA, Ga. - A widespread technology outage caused chaos in the CSRA — grounding flights, knocking banks and hospital systems offline and media outlets off the air.
Cybersecurity firm CrowdStrike said the problem occurred when it deployed a faulty update to computers running Microsoft Windows. The company said a fix was on the way — but hours after the problem was first detected, the disarray escalated.
MORE FROM NEWS 12:
How worldwide cyber outage is affecting the CSRA
Services across the CSRA from air travel to education are being affected by a worldwide cyber outage.
Global outage impacting your bank access? Here’s what to do
The Consumer Financial Protection Bureau shared the following steps in the event of problems with your bank during the worldwide technology outage.
Global tech outage disrupts air travel, health care and shipping
A global technology outage caused by a faulty software update grounded flights, knocked media outlets offline, and disrupted hospitals.
How did the global outage happen?
Friday’s disruptions began when a faulty update was pushed out from CrowdStrike for one of its tools, “Falcon.” In a statement about the ongoing situation, the company said the defect was found “in a single content update for Windows hosts” — noting that Mac and Linux systems were not impacted.
But, because scores of companies rely on CrowdStrike for their security needs with Windows as their operating system, the consequences of this kind of technical problem have been far-reaching.
The company said:
“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers.”
What are the effects of the disruption?
Long lines formed at airports in the U.S., Europe and Asia as airlines lost access to check-in and booking services during peak summer travel — disrupting thousands of flights. Banks in South Africa and New Zealand reported outages impacting payments and online services. Some news stations, particuarly in Australia, were unable to broadcast for hours. And hospitals had problems with their appointment systems, leading to delays and sometimes cancelations for critical care, while officials in some U.S. states warned of 911 problems in their areas.
Elsewhere, people experienced more minor inconveniences, including trouble ordering ahead at Starbucks, causing long lines at some of the coffee chain’s stores. Some billboards in New York City’s famous Times Square also went dark.
Experts stress that Friday’s disruptions underscore the vulnerability of worldwide dependence on software that comes from only a handful of providers.
“It is an ‘all our eggs are in one basket’ situation,” Craig Shue, professor and computer science department head at Worcester Polytechnic Institute, said in emailed commentary. “This lets us make sure our ‘basket’ is high quality: the software provider tries to identify threats and respond to them quickly. But at the same time, if anything goes wrong and the basket fails, we have a lot of broken eggs.”
What is CrowdStrike?
CrowdStrike is a U.S. cybersecurity company that provides software to companies around the world and across industries. It bills itself as being the globe’s most advanced cloud-based security technology provider.
It’s based in Austin, Texas, and operates in more than 170 countries including Australia, , India, Israel, Japan, Romania and the United Kingdom.
As of April 30, it had 8,429 full-time employees but said it also engages temporary employees and consultants as needed.
According to the company’s website, CrowdStrike was founded in 2011 and launched in early 2012.
CrowdStrike listed on the Nasdaq exchange five years ago. Last month, the Austin, Texas company reported that its revenue rose 33% in the latest quarter from the same quarter a year earlier — logging a net profit of $42.8 million, up from $491,000 in the first quarter of last year.
It’s used by 43 of the 50 U.S. states, six of the top 10 health providers, 298 of the Fortune 500, eight of the top 10 financial services, seven of the top 10 manufacturers, and eight of the top 10 food and beverage companies
It also helps to run cybersecurity investigations for the U.S. government.
CrowdStrike has a partnership with Amazon Web Services and its “Falcon for Defender” security technology is designed to supplement Microsoft Defender to prevent attacks.
CrowdStrike reported more than $900 million in revenue. Business in the United States ed for nearly 70% of that.
CrowdStrike its its rapid growth is a “risk factor.”
“We have experienced rapid revenue growth in recent periods and we expect to continue to invest broadly across our organization to our growth. For example, our headcount grew from 4,965 employees as of January 31, 2022, to 8,429 employees as of April 30, 2024. Although we have experienced rapid growth historically, we may not sustain our current growth rates and our investments to our growth may not be successful,” the company has said.
Is there a fix?
Disruptions on Friday have continued hours after CrowdStrike first identified the issue. But both the company and Microsoft say that they’re working to get systems back online.
In an emailed statement, Crowdstrike said that it was “actively working with customers impacted by a defect found in a single content update for Windows hosts” — adding that a fix “had been deployed” for the identified issue.
Microsoft spokesperson Frank X. Shaw said that the company was “actively ing customers to assist in their recovery.” Both CrowdStrike and Microsoft are also appearing to engage IT personnel on official online channels, such as Reddit.
While the problem is fixable, it requires some expertise. Some cybersecurity experts warn of bad actors who may reach out claiming they can help. Smaller companies or organizations with less IT resources are particularly at risk.
Gartner analyst Eric Grenier noted that those impacted should make sure they’re talking to trusted organizations as they work towards recovery. “Attackers will definitely prey on organizations as a result of this,” he said.
From reports by News 12′s Meredith Anderson and The Associated Press.
Copyright 2024 WRDW/WAGT. All rights reserved.
