NEW YORK — In a world where cyber threats are a constant concern, organizations such as airlines, banks, hospitals, and others that prioritize risk management have turned to cybersecurity firm CrowdStrike to safeguard their digital systems from hackers and potential data breaches.
However, a single flawed software update from CrowdStrike on Friday led to worldwide disruptions. These included grounding flights, taking banks and media outlets offline, and causing interruptions in hospitals, retail outlets, and other services.
“The root of this issue lies in the uniform technology that forms the backbone of our IT infrastructure,” commented Gregory Falco, an assistant professor of engineering at Cornell University. “The real problem is our dependence on a handful of companies. When everyone uses the same providers, a single issue can bring everyone down simultaneously.”
CrowdStrike clarified that the issue with the update, which affected computers running Microsoft’s Windows operating system, was not due to a hacking incident or cyberattack. The company apologized and assured that a solution was in progress.
However, the fix was not straightforward. It required a hands-on approach to resolve, according to Gartner analyst Eric Grenier.
“The solution is effective, but it’s a very manual process and there’s no quick fix,” Grenier explained. “This is likely the biggest challenge companies are facing.”
While not every organization uses CrowdStrike and its platform, Falcon, the company is a leading cybersecurity provider, especially in sectors like transportation, healthcare, banking, and others that heavily rely on their computer systems.
“These are typically risk-averse organizations that prefer reliable solutions over radical innovation. They want something that works and provides coverage when things go wrong. That’s what CrowdStrike offers,” Falco stated. “They see their peers in other sectors using the same service and decide they need it too.”
The vulnerability of a globally interconnected technology ecosystem is not a new concern. It was a major fear in the 1990s, with worries about a technical glitch causing chaos at the turn of the millennium.
“This is essentially what we feared with Y2K, except this time it’s actually happened,” Australian cybersecurity consultant Troy Hunt posted on social platform X.
On Friday, affected computers worldwide displayed the “blue screen of death” — an indication of a problem with Microsoft’s Windows operating system.
“What’s different now is that these companies are even more deeply rooted,” Falco noted. “We like to think we have a variety of options. But in reality, the largest companies all use the same resources.”
Established in 2011 and publicly traded since 2019, CrowdStrike prides itself on having “revolutionized cybersecurity for the cloud era and transformed the way cybersecurity is delivered and experienced by customers.” The company highlights its use of artificial intelligence to keep up with adversaries. As of the beginning of the year, it reported having 29,000 subscribing customers.
The Austin, Texas-based firm is one of the most prominent cybersecurity companies globally and invests heavily in marketing, including Super Bowl ads. At cybersecurity conferences, it’s known for large booths displaying massive action-figure statues representing different state-sponsored hacking groups that CrowdStrike technology promises to defend against.
CrowdStrike CEO George Kurtz is among the highest-paid in the world, with total compensation exceeding $230 million in the last three years. Kurtz also drives for a CrowdStrike-sponsored car racing team.
After his initial statement about the problem was criticized for lack of contrition, Kurtz apologized in a later social media post on Friday and on NBC’s “Today Show.”
“We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption,” he said on X.
Richard Stiennon, a cybersecurity industry analyst, described this as a historic blunder by CrowdStrike.
“This is easily the worst technical error or glitch of any security software provider ever,” said Stiennon, who has tracked the cybersecurity industry for 24 years.
While the problem is technically easy to fix, he said, its impact could be long-lasting for some organizations due to the hands-on work needed to fix each affected computer. “It’s incredibly difficult to manually fix millions of machines. And with people on vacation right now, the CEO might return from his trip to the Bahamas in a couple of weeks and find he can’t use his computers.”
Stiennon said he did not believe the outage revealed a larger problem with the cybersecurity industry or CrowdStrike as a company.
“The markets will forgive them, the customers will forgive them, and this will blow over,” he said.
Forrester analyst Allie Mellen commended CrowdStrike for clearly instructing customers on how to fix the problem. However, to regain trust, she said a more in-depth examination of what happened and what changes can prevent a recurrence will be necessary.
“A lot of this will likely come down to the testing and software development process and the work they’ve put into testing these kinds of updates before deployment,” Mellen said. “But until we see the complete retrospective, we won’t know for sure what the failure was.”