Understanding the CrowdStrike Outage: A Guide for Business Owners and Managers in Geelong

On Friday, July 19, 2024, a routine software update from CrowdStrike, a leading cybersecurity company, caused a major issue affecting an estimated 8.5 million Windows computers.

This incident led to significant disruptions in many sectors, including airports, supermarkets, and media.

Here, we explain what CrowdStrike is, what went wrong with the update, how it impacted businesses, and how to protect your business.

What is CrowdStrike?
CrowdStrike, founded in 2011 and based in the United States, is a leading cybersecurity company. They act as digital bodyguards for businesses and large organizations, protecting them from cyber threats like ransomware, malware, and other online attacks.

Trusted by over 500 companies from the Fortune 1000 list, CrowdStrike has a solid reputation for quickly responding to cyber threats and has been involved in investigating major cyber incidents. Their main product is the Falcon sensor program, a cloud-based security system designed to detect and stop cyber threats in real time.

What is Falcon Sensor?
Think of your computer as a house. Regular antivirus software is like a security system that looks for specific types of bad guys (like burglars) that it already recognizes. If it sees any of these known bad guys, it stops them from getting in.

Falcon sensor is a more advanced kind of tool, known as EDR (Endpoint Detection and Response). It’s like having a smart security guard for your house. This guard not only looks for the bad guys that the antivirus knows but also keeps an eye out for any strange or suspicious activity. The guard can investigate unfamiliar situations and take action to protect your house, even if the threat is something new.

While an antivirus is good at stopping known threats, an EDR is much better at handling new and unexpected threats to keep your computer safe. The trade-off is that EDR requires a deeper level of access and rapid updates to stay on top of quickly changing threats. Unlike other software updates, these can’t be rolled out in stages.

What Happened?

On July 19, a routine software update from CrowdStrike caused major disruption for many businesses around the world.

Early that morning, CrowdStrike released an update to their Falcon sensor program. This update was intended to improve security by targeting specific tools used in cyber attacks. However, the update contained a coding mistake, known as a “logic error.”

This mistake caused Windows computers running Falcon sensor to crash, leading to the infamous “Blue Screen of Death” (BSOD).

The impact was immediate and widespread.

Many businesses found their Windows computers unusable, resulting in significant disruption. Airports experienced chaos as their systems failed, supermarket checkouts malfunctioned, and journalists faced difficulties reporting on the issue due to their equipment crashing.

The problem affected millions of devices globally. People reported that their computers went into a reboot loop, making them impossible to use.

CrowdStrike responded quickly. Within an hour of identifying the issue, they began working on a fix. By 5:27 am UTC, they released an update to correct the faulty configuration files.

However, the recovery process varied. For many, the issue could be resolved remotely by deleting the problematic file if the system was online. For those with offline systems, manual deletion of the file was necessary, often requiring help from IT support.

What Was the Impact on Businesses?

The CrowdStrike outage had a huge impact on businesses across many sectors.

  • Airports and Airlines: The outage led to significant disruptions at airports. Systems that manage flight schedules, ticketing, and customer service were hit, causing delays and confusion. Passengers experienced long lines and delays as airport staff struggled to manage without their usual digital tools.
  • Supermarkets and Retail: Many supermarket checkouts malfunctioned, making it impossible to process sales. This led to frustrated customers and lost sales as stores struggled to operate without their point-of-sale systems. Some retailers had to close temporarily until their systems were restored.
  • Media and Journalism: Journalists and media companies faced major challenges as their computers crashed, leaving them without the essential tools needed to report on the incident. This disrupted news coverage and the ability to provide timely updates to the public.
  • Banks and Financial Services: The financial sector also felt the impact, with banks experiencing system outages that affected transactions and customer service. Online banking services were disrupted, leading to difficulties for customers trying to access their accounts or perform financial transactions.
  • General Business Operations: Across the board, businesses that relied on Windows systems experienced productivity losses. Employees were unable to access important files, communicate effectively, or perform their usual tasks. Many companies found it difficult to provide customer support as their systems were down. Call centers and online help desks faced increased volumes of queries and complaints, further straining resources.
  • Healthcare: While not as widely reported, healthcare institutions using affected systems could have faced delays in accessing patient records, scheduling, and other critical operations, potentially impacting patient care.

Overall, the CrowdStrike outage demonstrated how critical reliable cybersecurity tools are for business continuity. It highlighted how interconnected modern business operations are and the widespread impact that a single software issue can have.

Businesses are now likely to review their contingency plans and IT support readiness to better handle similar incidents in the future.

How We Can Help Your Business

Many businesses are now reviewing their disaster recovery plans and business continuity software. They want to be sure they have clear procedures to help mitigate the impact of future disruptions.

At Evongo IT, we help dozens of businesses in Geelong stay safe from cyber threats while helping their teams stay productive through great IT planning and support.

Ask us to review your current operations or plan a strategy to make sure your business is protected.
