What Exactly Happened with CrowdStrike?
No, it’s not a cyberattack, it’s not a hack, it’s not any out-of-season April’s fool either.
Background
CrowdStrike is a leading cybersecurity firm that provides software to many big companies; from banks to airlines, many entrust CrowdStrike to protect their business from cyber threats.
Just like any respectable cybersecurity business, CrowdStrike releases updates for its software on a regular basis. Frequent updates = enhanced security.
The company released its latest update on a sunny Thursday, 18th of July, 2024. The product object of the update is Falcon, a comprehensive cybersecurity platform designed to protect endpoints and networks from various types of cyber threats. Here are its key functionalities:
Core Features
- Endpoint Detection and Response (EDR): Falcon provides continuous monitoring and detection of threats on endpoints, enabling rapid response to potential attacks.
- Next-Generation Antivirus (NGAV): It uses advanced AI and machine learning to detect and prevent malware and sophisticated attacks, including zero-day threats.
- Managed Threat Hunting: The platform includes a team of experts who actively hunt for signs of intrusions, ensuring that subtle threats do not go unnoticed.
- Threat Intelligence Integration: Falcon integrates real-time threat intelligence to enhance detection capabilities and inform security operations teams about emerging threats.
- Automated Remediation: The platform can automatically respond to incidents by quarantining affected devices or removing malware, which helps minimize the impact of attacks.
- Unified Security Management: Falcon consolidates all those security tools and functions into a single point, making everything simpler.
All of this looks amazing, and indeed many companies entrust it. But what happens when the update has an unexpected glitch? A lot of activities can go South! Especially if the version affected by the glitch is for the most common OS out there: Windows!
Nature of the Outage
If you run Windows with Falcon on it during these hours, you may bump into the infamous “blue screen of death” (BSOD)!
Users are experiencing various error messages, including “PAGE_FAULT_IN_NON_PAGED_AREA” and “CRITICAL_PROCESS_DIED” as their systems crash unexpectedly.
Impact on Businesses and Services
Major organizations, including banks, airlines, and government agencies, have reported significant operational disruptions. For instance, banks like ANZ and Commonwealth Bank, as well as airlines such as Virgin Australia, have been affected, leading to chaos in services and transactions. Retail outlets also faced issues as customers struggled to access cash due to electronic payment failures.
CrowdStrike’s Response
CrowdStrike is aware of the situation and is currently investigating the root cause of the crashes. They have acknowledged that the issue likely stems from the Falcon product update and are working on a fix. The company has advised users to boot their systems in Safe Mode and suggested temporary workarounds, such as renaming certain files in the CrowdStrike directory, although these solutions may not work for all systems.
If they don’t work, go for a long coffee break and just wait. This could be beneficial for many workaholics.
As usual in these cases, people got tragic and began to raise concerns about the reliability of cybersecurity solutions and the potential vulnerabilities that come with relying on third-party software.
Consequences for CrowdStrike
We can expect lots of lawsuits for the company, whether founded or not. Usually, IT companies always have solid clauses that protect them from unexpected outages, otherwise no IT service provider could ever survive.
However, the markets are already punishing CrowdStrike severely, with a downturn for the stock price worth of a bear crypto market!
As of now, CrowdStrike has not provided a timeline for when the issue will be fully resolved, leaving many businesses and users in a state of uncertainty.
But any wise business person should accept, and be prepared for IT bugs. IT systems are bound to fail from time to time. It’s Murphy’s Law. There is nothing you can do about it. You can just mitigate the chances and reduce them to the bone, but you will never ever manage to completely eliminate outages from your business’ life. Never!
There are only three certain things in life: death, taxes, and IT bugs!
Do you like AI-related stuff? You’re in luck then!
On the 31st of July, I will try something never attempted before. I’m going to write a whole book with ChatGPT, but I will stream the entire process live on Twitch!
Don’t miss this crazy event!
See you soon!
