January 9, 2025

A glitch in an update released by cybersecurity firm CrowdStrike on Friday caused a cascading effect on IT systems around the world, with industries from banks to airlines facing service outages.

As businesses around the world grapple with the ongoing outages, services to banks and healthcare providers have been disrupted and television broadcasters have been crippled. Air travel has also been hit hard, with planes grounded and services delayed.

At the heart of the problem is Texas-based cybersecurity vendor CrowdStrike. The company experienced a major outage on Friday due to a software update issue.

So what exactly happened? CNBC takes a look.

What is CrowdStrike?

CrowdStrike is a cybersecurity vendor that develops software to help companies detect and block hacker attacks. It is used by many of the world’s Fortune 500 companies, including major global banks, healthcare and energy companies.

CrowdStrike is a so-called “endpoint security” company because it uses cloud technology to apply network protection to devices connected to the Internet.

This differs from the alternative approach used by other web companies, which involves applying protection directly to back-end server systems.

What happened on Friday?

CrowdStrike’s software requires deep access to a computer’s operating system to scan for threats. During Friday’s outage, machines running Microsoft’s Windows operating system crashed due to a glitch in the way a software update released by CrowdStrike interacted with Windows.

“We are aware of an issue affecting virtual machines running Windows Client and Windows Server running the CrowdStrike Falcon agent that may experience a bug check (BSOD (Blue Screen of Death)) and get stuck in a reboot state. The impact is estimated to have begun on July 18 at approximately 19:00 UTC,” Microsoft said in an update at 5:40 a.m. ET.

“We can confirm that the affected updates have been pulled by CrowdStrike. Customers who continue to experience issues should contact CrowdStrike for additional assistance,” the company added.

Fix released

They added that they “expect to reach a resolution on the CrowdStrike issue soon.”

CrowdStrike CEO George Kurtz commented in an update posted to social media.

“This is not a security incident or cyber attack. The issue has been identified, isolated and a fix has been deployed,” Kurtz said.

However, this fix may be difficult to implement. Andy Grayland, director of information and security at threat intelligence company Silobreaker, said that in order to implement the fix, engineers had to access each data center running Windows.

He said they then had to log in, navigate to a CrowdStrike file, delete it, and then reboot the entire system.

“With machines encrypted, complex encryption keys also need to be entered manually. Unless Microsoft and CrowdStrike (if they are involved) pull a miracle out of the bag, recovery could be a pain.”
