Major disruption caused by the CrowdStrike incident affects enterprises worldwide

Nandini Roy Choudhury, writer

Brief news

• Cybersecurity firm CrowdStrike caused a global IT outage due to a flawed update.
• CrowdStrike is working on reverting the update and has implemented a solution for the issue.
• Various industries, including airlines, hospitals, and financial services firms, experienced significant impacts from the outage.

Detailed news

A recent update from cybersecurity firm CrowdStrike caused a significant IT outage on Friday, affecting businesses globally.

CrowdStrike informed NBC that they are currently working on reverting the update that led to the problem. They later confirmed that a solution for the issue has been implemented.

“CrowdStrike is currently assisting customers affected by a flaw discovered in a specific content update for Windows hosts.” According to CEO George Kurtz’s statement on X, Mac and Linux hosts remain unaffected.

This is not a security incident or cyberattack. The problem has been identified, isolated, and a solution has been implemented.

He emphasized the importance of customers referring to the support portal for the latest updates and working with their CrowdStrike representatives through official channels.

Kurtz expressed his apologies to those affected during an interview on the NBC program “TODAY” early Friday.

“We sincerely apologize for the negative consequences that our actions have had on customers, travelers, and anyone else affected, including our own company,” he expressed.

There was an update sent to the system, which unfortunately contained a software bug. As a result, it caused an issue with the Microsoft operating system. And now we are collaborating with every customer to ensure their prompt return to online operations.

Kurtz mentioned that the update was a regular part of the company’s standard procedure to mitigate security risks. However, he acknowledged the need for an investigation to identify any potential issues.

The confirmation was made following numerous reports of technical difficulties, as Microsoft users worldwide encountered an error screen commonly referred to as the “blue screen of death.”

CrowdStrike shares experienced a significant decline of over 11% on Friday morning, while Microsoft’s stock remained relatively stable.An extensive disruption
Various industries, including airlines, hospitals, and financial services firms, experienced significant impacts.

American Airlines, self-proclaimed as the world’s largest, acknowledged a technology issue that is impacting “multiple carriers,” including American. Similarly, the Dutch division of Air France-KLM stated that it has been compelled to suspend the majority of its operations.

The Royal Surrey hospital in Great Britain recently experienced a “critical incident” which led to the temporary suspension of radiography treatment. Meanwhile, the National Health Service in England reported disruptions in the majority of doctors’ practices.

Various banks and financial companies globally have encountered problems, including German insurance giant Allianz, which is currently facing a significant outage affecting employees’ ability to log into their computers. It has an impact on numerous companies beyond Allianz.

NBCUniversal is experiencing the impact of the CrowdStrike outage.

Stay informed about the latest updates on the companies that have been impacted.

‘Unprecedented’
Satnam Narang, a senior staff researcher at Tenable, expressed to CNBC on Friday that the outage was causing a significant impact and was unparalleled in terms of its magnitude and reach.

“The challenge here is that security software, due to its role in safeguarding organizations, requires higher levels of access to these machines,” he explained.

It seems that some individuals perceive these incidents as Windows failures when they encounter a sudden appearance of a blue screen. However, it is important to note that this issue is not directly caused by Windows itself, but rather stems from a problematic or flawed update from certain security software.

Narang remarked that the situation is highly unusual and unlike anything they have encountered before.

Omer Grossman, the CIO at cybersecurity firm CyberArk, expressed concern about the significant impact of this outage.

The glitch is a result of a software update for CrowdStrike’s EDR product. This product operates with elevated privileges to safeguard endpoints. According to an emailed comment, a malfunction in this can lead to a crash of the operating system, as we are witnessing in the current incident.

According to Grossman, getting back online is not expected to be a simple task.

It appears that the endpoints have crashed, resulting in the infamous Blue Screen of Death. Unfortunately, remote updates are not possible in this situation, so the problem will need to be addressed manually, one endpoint at a time. According to him, this process will likely take several days.

Source : CNBC News, NBC News, NBCUniversal