What is CrowdStrike and what happened?

On Friday morning, some of the biggest airlines, television stations, banks and other essential services ground to a halt as a massive outage spread across the world. The outage, which brought the Blue Screen of Death to legions of Windows machines around the world, is linked to just one software company: CrowdStrike.

CrowdStrike plays an important role in helping companies find and prevent security breaches, touting itself as having the “fastest mean time” to detect threats. Since its launch in 2011, the Texas-based company has helped investigate major cyberattacks such as Sony Pictures hack in 2014as well as the Russian cyber attacks at the Democratic National Committee in 2015 and 2016. As of Thursday night, CrowdStrike’s valuation was more than $83 billion.

It also has around 29,000 customers, with more than 500 on the Fortune 1000 list, according to CrowdStrike website.

But that popularity put it in a position to wreak havoc when something went wrong, with systems using CrowdStrike and Windows-based hardware going offline en masse this morning. CrowdStrike CEO George Kurtz said Friday that the company is “actively working with customers affected by a defect found in a single content update for Windows hosts,” emphasizing that the issue is not related to a cyberattack. . It also does not affect Mac or Linux machines.

The July 19 outage is tied to CrowdStrike’s flagship Falcon platform, a cloud-based solution that combines multiple security solutions into a single hub, including antivirus capabilities, endpoint protection, threat detection, and real-time monitoring to prevent access unauthorized access to a company’s system. .

The update in question appears to have installed faulty software into the main Windows operating system, causing systems to get stuck in a boot loop. Systems are displaying an error message that says, “It appears Windows did not load correctly,” while also giving users the option to try troubleshooting methods or restart their PC. Many companies, including this airline in IndiaThey resorted to the good old way of doing things manually.

“Our software is extremely interconnected and interdependent,” Lukasz Olejnik, independent cybersecurity researcher, consultant and author of the book Cybersecurity Philosophyaccount On the edge. “But in general, there are many single points of failure, especially when there is a monoculture of software in an organization.”

Although CrowdStrike has deployed a fix, getting things up and running will not be a simple task. Olejnik tells On the edge that this issue may take “days to weeks” to resolve because IT administrators may have to physical access to a device to get them working again. How quickly this happens depends on the size and resources of the company’s IT team. “Some systems in certain specific circumstances may be unrecoverable, but I assume most will be recovered,” adds Olejnik.

Source link