On Friday morning, major airlines, TV broadcasters, banks, and other critical services were disrupted by a massive outage that affected Windows machines globally. The culprit behind this widespread issue was identified as CrowdStrike, a key player in cybersecurity known for its rapid threat detection capabilities.
Since its inception in 2011, CrowdStrike has been instrumental in investigating high-profile cyberattacks, including the Sony Pictures hack in 2014 and the Russian cyberattacks on the Democratic National Committee in 2015 and 2016. As of Thursday evening, the Texas-based company was valued at over $83 billion and boasts a clientele of around 29,000, including over 500 Fortune 1000 companies.
This extensive customer base meant that when CrowdStrike encountered a problem, the impact was far-reaching. On Friday morning, Windows machines running CrowdStrike software went offline en masse. CrowdStrike CEO George Kurtz stated that the company is “actively working with customers impacted by a defect found in a single content update for Windows hosts” and assured that the issue was not related to a cyberattack and did not affect Mac or Linux machines.
The July 19th outage was linked to CrowdStrike’s flagship Falcon platform, a cloud-based solution that integrates multiple security functions, including antivirus, endpoint protection, threat detection, and real-time monitoring.
Many organizations, such as an airline in India, had to revert to manual processes due to the disruption. Lukasz Olejnik, an independent cybersecurity researcher and author, told The Verge that the interconnectivity and interdependence of software systems create numerous single points of failure, particularly in environments with a software monoculture.
Although CrowdStrike has released a fix, restoring full functionality will be a complex process. Olejnik explained that resolving the issue could take “days to weeks,” as IT administrators may need physical access to affected devices.
The recovery speed will depend on the size and resources of each company’s IT team. “While some systems may be unrecoverable in specific circumstances, the majority should be recoverable,” Olejnik added.