What you need to know
- July 19, 2024, marks the biggest global IT apocalypse in recent history, as a CrowdStrike update to a popular corporate Windows security solution triggers "Blue Screen of Death" crashes.
- CrowdStrike's CEO's initial statement did not mention an apology, leading to a backlash.
- Microsoft has also responded to the outages after initially being widely (and wrongfully) blamed.
- CrowdStrike is an $80 billion company with roughly 10% of its share price wiped out over the outage.
If you work in a corporate IT environment, you might have woken up to a BSOD apocalypse this morning.
CrowdStrike is a company you may not have heard of until today, but the $80 billion company has become a mainstay of endpoint security solutions, particularly in corporate environments, protecting major global infrastructure against cyberattacks and the like. They have been involved in investigating major hacks across the globe, and they even have the highest level of authorization to work with the U.S. Department of Defense to protect against state-sponsored attacks and domestic threats. However, today, many of CrowdStrike's partners may be re-evaluating.
An update CrowdStrike pushed to its software within Windows environments has caused some of the biggest simultaneous IT outages in history, with airlines, broadcasters, hospitals, and other significant infrastructure endpoints being impacted. People have reacted angrily to the disruption but have also piled on scorn after CEO George Kurtz seemingly refused to accept responsibility in the firm's initial statements.
"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack," CEO George Kurtz said. "The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website."
After the initial wave of condemnation, George Kurtz eventually appeared on TODAY News (which, ironically, was also impacted) to speak about the outage and claimed the firm was "deeply sorry" for the disruption.
EXCLUSIVE: CrowdStrike founder and CEO @George_Kurtz speaks on TODAY about the major computer outages worldwide that started earlier today: “We’re deeply sorry for the impact that we’ve caused to customers, to travelers, to anyone affected by this.” pic.twitter.com/fWz6KhgrcZ (July 19, 2024)
Kurtz issued another statement after publication: "Today was not a security or cyber incident. Our customers remain fully protected. We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption." Kurtz continued, "We are working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on. As noted earlier, the issue has been identified and a fix has been deployed. There was an issue with a Falcon content update for Windows Hosts." Some users responded here to note that "availability" is considered a core pillar of cybersecurity, according to the U.S. federal definition from the Department of Commerce.
Microsoft's lead for communications, Frank Shaw, also offered this statement, given that many across the globe took to blaming Microsoft and Windows for the fallout, despite the fact that CrowdStrike's software caused the issue: "Earlier today, a CrowdStrike update was responsible for bringing down a number of Windows systems globally. We are actively supporting customers to assist in their recovery."
What makes this particular outage so irritating for IT departments is that it requires removing the faulty update in Safe Mode. For heavily locked-down computers with BitLocker encryption, that potentially involves a lot of manual deployment. This isn't necessarily something you can easily fix via a remote Windows Server deployment or Group Policy, at least in some environments.
Not Microsoft's fault, but still a bad look somehow
CrowdStrike's share price has taken a 28-point nosedive on the news today as investors abandon the firm. Indeed, many companies may be looking to diversify their security solutions following this massive outage, which even took down several of Microsoft's own services, including the Xbox network (formerly known as Xbox Live).
In reality, CrowdStrike is a competitor of Microsoft, which offers its own security solutions, such as Microsoft Endpoint Defender, for these scenarios. CrowdStrike adds layers of protection, but the end user doesn't see CrowdStrike's logo when things go down — all they see is the iconic Windows Blue Screen of Death, which initially led to headlines. As outlets started to get to grips with the real cause of the issue, headlines were updated to reflect CrowdStrike's responsibility. Still, the internet reacts as the internet does, with hilarious memes. Spare a thought for busy IT departments who expected to have a chill weekend.
The CrowdStrike engineer who pushed the update that caused the global IT meltdown, crashing Microsoft devices (BSOD), taking down government IT services in Australia, New Zealand and several US states while disrupting global banks, media and airlines (gonna be a crazy flying day) pic.twitter.com/g7hcNa1XZu (July 19, 2024)
Still, it raises questions about the virtue of having a few pieces of software like CrowdStrike be dominant across so much critical infrastructure. This wasn't the result of a cyberattack, but it very well could've been — and the vulnerability might give enemy nation-states some quirky ideas.
I suspect there will be a lot of soul-searching at CrowdStrike and Microsoft about how to prevent something like this from happening again.