How a software update from cyber firm CrowdStrike caused one of the world’s biggest IT blackouts (2024)

George Kurtz, co-founder and CEO of CrowdStrike Inc., speaks during the Montgomery Summit in Santa Monica, California.

A fault with an update issued by cybersecurity company CrowdStrike led to a cascade effect among global IT systems Friday, with industries ranging from banking to airlines facing outages.

Banks and health-care providers saw their services disrupted and TV broadcasters went offline as businesses worldwide grappled with the ongoing outage. Air travel has been hit hard, too, with planes grounded and services delayed.

At the heart of the issue is Texas-based cybersecurity vendor CrowdStrike. On Friday, the cybersecurity firm experienced a major disruption following an issue with a software update.

So what happened, exactly? CNBC takes a look.

What is CrowdStrike and what does it do?

CrowdStrike is a cybersecurity vendor that develops software to help companies detect and block hacks. It is used by many of the world's Fortune 500 companies, including major global banks, health-care and energy companies.

CrowdStrike is what's known as an "endpoint security" firm as it uses cloud technology to apply cyber protections to devices that are connected to the internet.

This differs from alternative approaches used by other cyber firms, which involve applying protection directly to back-end server systems.

"Many companies use [CrowdStrike software] and install it on all of their machines across their organization," Nick France, chief technology officer at IT security firm Sectigo, told CNBC's "Squawk Box Europe" on Friday.

"So when an update happens that maybe has problems with it, it causes this problem where the machines reboot, and people can't get back into their computers."

What happened on Friday?

On Friday, people around the world began encountering an error screen known as the "blue screen of death."

This issue — a common problem among PCs, for example if a machine overheats — was the result of an update from CrowdStrike concerning its Falcon product.

Falcon is a platform developed by the company that's designed to stop cyber breaches using cloud technology — it is at the heart of the firm's focus on endpoints. CrowdStrike said Friday it is in the process of rolling back the update globally.

CrowdStrike's software requires deep access to a computer's operating system to scan for threats. In the case of Friday's outage, machines running Microsoft's Windows operating system crashed due to a fault in the way a software update issued by CrowdStrike interacted with Windows.

"We have been made aware of an issue impacting Virtual Machines running Windows Client and Windows Server, running the CrowdStrike Falcon agent, which may encounter a bug check (BSOD [blue screen of death]) and get stuck in a restarting state. We approximate impact started around 19:00 UTC on the 18th of July," Microsoft said in an update at 5:40 a.m. ET.

"We can confirm the affected update has been pulled by CrowdStrike. Customers that are continuing to experience issues should reach out to CrowdStrike for additional assistance," the company added.

Satnam Narang, senior staff researcher at Tenable, told CNBC on Friday that the outage was "very unprecedented."

"The challenge here is that security software — because it's doing its job to protect organizations — it has to have more privileged access to these machines," he said.

So, while people may be seeing their IT issues as a problem with Windows, "it's not actually a Windows issue, it's related to a faulty or bad update from those security software," Narang added.

A fix has been issued

Earlier, Microsoft said its cloud services had been restored after an outage that affected its Azure services and Microsoft 365 suite of apps in the central U.S. region. A company spokesperson said these are two different and nonrelated issues — one issue relates to Azure, the other is linked to CrowdStrike.

They added that they "anticipate a resolution is forthcoming," with respect to the CrowdStrike problem.

CrowdStrike is "actively working with customers impacted by a defect found in a single content update for Windows hosts," CEO George Kurtz said Friday in an update on social media platform X. He added that Mac and Linux hosts are not affected.

"This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed," Kurtz said.

That fix could be hard to implement, though. Andy Grayland, chief information and security officer at threat intelligence firm Silobreaker, said that in order to implement a fix, engineers would have to go into each individual data center running Windows.

They'd then have to log in, navigate to a certain CrowdStrike file, delete it and then reboot the entire system, he said.

"Where machines are encrypted, complex encryption keys also need to be entered manually. Unless Microsoft and CrowdStrike (if they are involved) pull something miraculous out of the bag, this could be painful to recover from."

FAQs

How did a software update from cyber firm CrowdStrike cause one of the world’s biggest IT blackouts?

The issue stemmed from a problem in CrowdStrike's Falcon product, which caused devices running Windows operating systems to crash with the "blue screen of death." The company is currently working to roll back the problematic update. Microsoft clarified that its prior cloud service outage was unrelated.

What caused the CrowdStrike outage?

The CrowdStrike outage was caused by a coding update that went wrong. This incident highlights the dangers of poor IT and cyber security practices. Businesses are becoming focused on pushing out updates faster, particularly to address dynamic cyber threats, and reducing IT costs.

How did the CrowdStrike issue happen?

The detailed PIR document explains how a fault in the software that tests updates was responsible for the outage affecting millions of Windows machines. Many in the industry say the issue could have been avoided with more testing—and it looks like CrowdStrike will now need to test the testing software.

What is the cause of the global tech outage?

Last week's global tech outage has been traced back to a bug in U.S. cybersecurity firm CrowdStrike's quality control system. The outage's impacts have been far-reaching, affecting roughly 8.5 million Windows devices and disrupting banks, emergency call centers and airlines.

Why did CrowdStrike crash?

Indeed, CrowdStrike says the “problematic Rapid Response Content configuration update resulted in a Windows system crash.” “When received by the sensor and loaded into the Content Interpreter, problematic content in Channel File 291 resulted in an out-of-bounds memory read triggering an exception,” CrowdStrike writes.

Why did CrowdStrike drop?

Shares of cybersecurity company CrowdStrike (NASDAQ: CRWD) continue to drop on Tuesday after its major software update problem of more than a week ago. The stock was already down more than 30% from recent highs, and investors might have thought that the worst was over once the problem had been corrected.

How does CrowdStrike Falcon update?

CrowdStrike delivers security content configuration updates to our sensors in two ways: Sensor Content that is shipped with our sensor directly, and Rapid Response Content that is designed to respond to the changing threat landscape at operational speed.

Does the US government use CrowdStrike?

The extent of the impact on federal government operations is still not known. CrowdStrike is in wide use across federal agencies and it is a key vendor on the governmentwide Continuous Diagnostics and Mitigation cybersecurity support services contract.

What is CrowdStrike incident response?

CrowdStrike® Incident Response Services delivers immediate threat visibility and active threat containment to eject adversaries from your network and recover your systems with speed and precision.

What is the future outlook for CrowdStrike?

Based on 36 Wall Street analysts offering 12-month price targets for CrowdStrike Holdings in the last 3 months, the average price target is $368.26 with a high forecast of $450.00 and a low forecast of $275.00. The average price target represents a 43.76% change from the last price of $256.16.

How much did the CrowdStrike outage cost?

The massive CrowdStrike outage that affected millions of Microsoft devices is predicted to cost U.S. Fortune 500 companies $5.4 billion in total direct financial loss, with an average loss of $44 million per Fortune 500 company, according to new data from cloud monitoring and insurance firm Parametrix.

What day was the CrowdStrike outage?

The outage began July 19 after an update to CrowdStrike's Falcon platform set off a “blue screen of death” scenario for 8.5 million devices worldwide. Global impacts ensued for air travel, health care and business, and experts have called it the largest IT outage of all time.

How did the Microsoft outage happen?

The historic outage was the result of a faulty update from the cybersecurity company CrowdStrike that affected millions of computers running the Microsoft Windows operating system. Laura DeNardis is a professor and endowed Chair in Technology, Ethics, and Society and the director of the Center for Digital Ethics.

What is the CrowdStrike issue?

There was a logic flaw in Falcon sensor version 7.11 and above, causing it to crash. Due to CrowdStrike Falcon's tight integration into the Microsoft Windows kernel, it resulted in a Windows system crash and BSOD.

Who owns CrowdStrike?

The ownership structure of CrowdStrike Holdings (CRWD) stock is a mix of institutional, retail and individual investors. Approximately 44.34% of the company's stock is owned by Institutional Investors, 2.19% is owned by Insiders and 53.47% is owned by Public Companies and Individual Investors.

What is CrowdStrike famous for?

CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services. CrowdStrike Holdings, Inc.

Is CrowdStrike a virus?

CrowdStrike is a web/cloud based anti-virus which uses very little storage space on your machine. CrowdStrike installs a lightweight sensor on your machine that is less than 5MB and is completely invisible to the end user.

How does CrowdStrike stop breaches?

CrowdStrike's core technology, the Falcon platform, stops breaches by preventing and responding to all types of attacks — both malware and malware-free.

Article information

Author: Moshe Kshlerin
