
If you're a business or individual relying on CrowdStrike for security, you might be wondering if the recent outage will affect you. The short answer is, it depends on your specific setup and needs.
CrowdStrike is a cloud-based security platform that provides endpoint protection, threat intelligence, and incident response. If you're using their services, you might be impacted by the outage.
The good news is that CrowdStrike has a robust infrastructure in place to minimize downtime. According to their statement, the outage was caused by a rare and unexpected issue with their cloud provider.
CrowdStrike has been working to resolve the issue and restore service as quickly as possible. They've also been transparent about the outage, providing regular updates to their customers and the public.
What You Need to Know
The CrowdStrike outage was a major failure that affected millions of Windows devices.
On July 19, 2024, a glitch in the CrowdStrike Falcon Sensor software update caused a massive failure, resulting in a blue screen of death on many devices.
The update was intended to improve security, but it ended up causing widespread disruptions instead.
Businesses of all sizes were affected, including airlines, which reported thousands of canceled flights and over $500 million in lost revenue and extra costs.
Delta Air Lines was one of the airlines severely impacted by the outage.
Less than one percent of Windows devices were affected by the CrowdStrike incident.
Microsoft estimated that around 8.5 million devices were affected.
The company is deploying hundreds of engineers to help deploy a manual fix.
The fix has to be deployed manually across each Windows computer in an organization, unless the sysadmin can automate the process.
It may take some time for the world to recover from the outage, as CrowdStrike is warning users.
Check this out: Allegiant Airlines Outage
Why the Outage Happened
The "Channel File 291" incident was the root cause of the outage, caused by a flawed update in CrowdStrike Falcon that prompted the "Blue Screen of Death" BSOD in Microsoft Windows.
CrowdStrike Falcon is a popular endpoint protection solution that uses machine learning and AI to detect and respond to threats. However, the update in question was comprised of a channel file intended to improve behavioral protections, but it introduced a logic error instead.
The flawed update was present in versions of the Channel File 291 with a specific timestamp, July 19, 2024, 04:09 UTC. Versions timestamped July 19, 2024, 05:27 UTC or later did not contain the flaw, as CrowdStrike had already caught and reverted the bug.
The initial estimation of systems affected reached 8.5 million instances, which is less than 1% of Microsoft's overall Windows installation index. However, this figure only accounts for those who shared crash reports with Microsoft.
Curious to learn more? Check out: Crowdstrike Executive to Apologize for July Outage
Impact and Implications
The CrowdStrike outage had far-reaching consequences, not just for the businesses directly affected but for the entire cybersecurity industry.
The outage affected 8.5 million Windows devices, which is less than 1% of Windows devices, but still had a massive impact across many industries.
Recommended read: Are Credit Cards Affected by the Outage
Every crucial sector, including agriculture, airlines, banking, energy, government, healthcare, manufacturing, and retail, was affected by the outage.
The incident highlights the importance of digital connectivity and how a single outage can have a ripple effect on critical infrastructure and cyber-physical objects.
Everything from our food supply to our energy systems depends on secure and resilient digital technologies.
The outage was caused by a defect found in a Falcon content update for Windows hosts, which was not a cyberattack.
CrowdStrike employees identified the problem quickly and transparently communicated to the world that this was not a cyberattack.
The incident raises important questions about liability, accountability, and deterrence, and the losses from this one incident will likely be measured in billions of dollars.
CrowdStrike is operating normally, and this issue does not affect their Falcon platform systems, but it does highlight the potential for non-malicious disruptions to have a significant impact.
The focus of cyber insurance policies is often on malicious security incidents, but this incident emphasizes the importance of including non-malicious disruptions as part of insurance strategies.
The outage was devastating and helps people imagine what could happen in a more widespread outage or targeted attack, which could have catastrophic consequences, such as targeting our energy grid or satellite systems.
Curious to learn more? Check out: What Is for You Will Not Pass You?
The Aftermath
The aftermath of the CrowdStrike outage was a disaster for many organizations. The recovery process took hours, even days, with each affected system needing a manual reboot to delete the faulty Channel File 291.
Delta Air Lines was one of the hardest hit, with over 37,000 computers affected and over 1.3 million people's journeys disrupted. They canceled thousands of flights and estimated losses at over $500 million.
Many hospitals in North America paused non-urgent visits, while the British NHS was unable to access medical records or prescriptions. This paralyzing issue forced many institutions to enter their emergency IT plans.
The outage had a significant impact on CrowdStrike itself, with estimated losses of $5.4 billion and a share price drop of almost 25%. This devalued the company by over $20 billion.
Cybercriminals quickly took advantage of the situation, posing as CrowdStrike employees via phone calls and phishing emails. CISA advises organizations to be diligent and follow instructions from legitimate sources only.
Curious to learn more? Check out: Delta Says Crowdstrike Outage Cost It at Least $500 Million
Featured Images: pexels.com


