On Friday, July 19th, 2024, a routine software update from CrowdStrike, a leading cyber security company, caused a major issue affecting an estimated 8.5 million Windows computers.
This incident led to significant disruptions in various sectors, including airports, supermarkets, and media. Here, we explain what CrowdStrike is, what went wrong with the update, how it impacted businesses, and what steps are being taken to resolve the issue.
What is CrowdStrike?
CrowdStrike is a leading cyber security company, founded in 2011 and based in the United States. Essentially, they act as digital bodyguards for businesses and large organisations, protecting them from cyber threats like ransomware, malware, and other online attacks.
Their main product is the Falcon sensor programme. This cloud-based security system detects and stops cyber threats in real-time. Because it operates through the Internet, it doesn’t require users to install extra software or hardware on their computers. Instead, it communicates directly with CrowdStrike’s servers to stay updated and ready to tackle any potential threats.
CrowdStrike is trusted by a wide range of businesses, including more than 500 companies from the Fortune 1000 list. They have a solid reputation for responding quickly to cyber threats and have been involved in investigating major cyber incidents, such as the Sony Pictures hack in 2014 and the attacks on the Democratic National Committee in 2015 and 2016.
In short, CrowdStrike helps businesses stay safe from digital threats, allowing them to operate smoothly and securely in an increasingly digital world.
What happened?
On July 19th, a routine software update from CrowdStrike caused a major disruption for many businesses worldwide. Here’s what went wrong:
Early that morning, CrowdStrike released an update to their Falcon sensor program. This update was intended to improve security by targeting specific tools used in cyber attacks. But the update contained a coding mistake known as a “logic error.”
This mistake caused Windows computers running the Falcon sensor to crash, leading to the infamous “Blue Screen of Death” (BSOD).
The impact was immediate and widespread.
Many businesses found their Windows computers unusable, resulting in significant disruption. Airports experienced chaos as their systems failed, supermarket checkouts malfunctioned, and journalists faced difficulties reporting on the issue due to their equipment crashing.
The problem affected millions of devices globally, especially those using the Falcon sensor on Windows version 7.11 or higher. People reported that their computers went into a reboot loop, making it impossible to use them.
CrowdStrike responded quickly. Within an hour of identifying the issue, they began working on a fix. By 5:27 am UTC, they released an update to correct the faulty configuration files. However, the recovery process varied. For many, the issue could be resolved remotely by deleting the problematic file if the system was online. For those with offline systems, manual deletion of the file was necessary, which often required help from IT support.
Impact on businesses
The CrowdStrike outage had a profound impact on businesses across various sectors. Here’s how it affected different industries and day-to-day operations:
AIRPORTS AND AIRLINES. The outage led to significant disruptions at airports. Systems that manage flight schedules, ticketing, and customer service were hit, causing delays and confusion. Passengers experienced long lines and delays as airport staff struggled to manage without their usual digital tools.
SUPERMARKETS AND RETAIL. Many supermarket checkouts malfunctioned, making it impossible to process sales. This led to frustrated customers and lost sales as stores struggled to operate without their point-of-sale systems. Some retailers had to close temporarily until their systems were restored.
MEDIA AND JOURNALISM. Journalists and media companies faced major challenges as their computers crashed, leaving them without the essential tools needed to report on the incident. This disrupted news coverage and the ability to provide timely updates to the public.
BANKS AND FINANCIAL SERVICES. The financial sector also felt the impact, with banks experiencing system outages that affected transactions and customer service. Online banking services were disrupted, making it difficult for customers to access their accounts or perform financial transactions.
GENERAL BUSINESS OPERATIONS. Across the board, businesses that relied on Windows systems experienced productivity losses. Employees could not access important files, communicate effectively, or perform their usual tasks. This led to project delays, missed deadlines, and overall frustration among staff.
CUSTOMER SERVICE. Many companies found it difficult to provide customer support as their systems were down. Call centres and online help desks faced increased volumes of queries and complaints, further straining resources.
HEALTHCARE. While not as widely reported, healthcare institutions using affected systems could have faced delays in accessing patient records, scheduling, and other critical operations, potentially impacting patient care.
While CrowdStrike responded quickly to address the issue, the recovery process varied for different businesses. Those able to delete the problematic file remotely recovered faster, while others needed manual intervention. This meant that some businesses were back online within hours, while others faced longer delays.
Overall, the CrowdStrike outage demonstrated how critical reliable cyber security tools are for business continuity. It highlighted the interconnectedness of modern business operations and the widespread impact that a single software issue can have. Businesses are now likely to review their contingency plans, and IT support readiness to better handle similar incidents in the future.
How we can help your business
In response to this outage, many businesses are now reviewing their own IT strategies and contingency plans to make sure they have robust backup systems and clear procedures for responding to such incidents can help mitigate the impact of future disruptions.
We don’t use CloudStrike at IT Trouble Free, so our customers weren’t affected. But if your business was and you would like help to plan your proactive IT strategy, please get in touch.