CrowdStrike: What It Is and What Went Wrong
On July 19, 2024, the world experienced an unprecedented outage that affected millions. A faulty update from cybersecurity giant CrowdStrike brought countless businesses, government agencies, and individuals to a standstill. In this article, we will discuss how an estimated 8.5 million Windows devices were affected, and the simple fix it took to remediate the issue.
What Is CrowdStrike:
CrowdStrike is a cybersecurity company that offers a cloud-based platform designed to protect businesses from a wide range of cyberattacks. The company specializes in robust defense against malware, ransomware, and other threats. Its services are provided to approximately 30,000 clients, 538 of which are Fortune 1000 companies.
What Went Wrong:
CrowdStrike routinely tests its updates before sending them out; however, its quality control process allowed the update to proceed “despite containing problematic content data”. The faulty software update affected the core Windows operating system, causing millions of devices to crash. Airlines, hospitals, banks, and countless other organizations were forced to halt operations as vital records were inaccessible. This caused an economic impact estimated to be $10 billion.
The Fix:
Although Microsoft did not directly cause the incident, it assisted CrowdStrike in remediating the issues. IT administrators needed physical access to each affected device to carry out a time-consuming manual fix that deleted the bad file. CrowdStrike now plans to stagger future updates so that companies do not all receive them simultaneously.
Why KTS Clients Weren’t Affected:
KTS clients did not experience any work disruptions caused by the outage. Why? Because we deploy a competing product, SentinelOne. Tomer Weingarten, SentinelOne Co-founder and CEO, prides his company on being customer-based. In response to the outage, the company released a statement affirming that their “gradual, progressive roll outs are mandatory… to ensure business continuity”. SentinelOne avoids frequent updates and allows customers to decide when and where an upgrade is deployed. Not only does this prevent widespread outages, but it also allows businesses to select which devices receive the upgrade first, so they can test how it performs in certain environments.
At KTS, we offer proactive and reactive measures to ensure that businesses swiftly recover from any disruptions that may occur. From after-hours and weekend response teams to backup and recovery solutions, KTS takes steps to minimize the impact of an outage. Contact us at [email protected] to discuss how we can enhance your business’s resilience to outages and other security incidents.