How a software update from cyber firm CrowdStrike caused one of the world’s biggest IT blackouts

🌈 Abstract

The article discusses a global IT outage caused by a software update from the cybersecurity firm CrowdStrike, which led to a cascade effect across various industries, including banking, healthcare, and air travel.

🙋 Q&A

[01] What is CrowdStrike and what does it do?

• CrowdStrike is a cybersecurity vendor that develops software to help companies detect and block hacks. It is used by many of the world's Fortune 500 companies, including major global banks, healthcare, and energy companies.
• CrowdStrike is an "endpoint security" firm that uses cloud technology to apply cyber protections to devices connected to the internet, rather than applying protection directly to back-end server systems.

[02] What happened on Friday?

• On Friday, people around the world began encountering the "blue screen of death" error, which was the result of an update from CrowdStrike concerning its Falcon product.
• The issue was caused by a fault in the way the CrowdStrike software update interacted with the Microsoft Windows operating system, causing machines running Windows to crash.
• CrowdStrike's software requires deep access to a computer's operating system to scan for threats, and in this case, the interaction with Windows led to the widespread outage.

[03] How is the issue being addressed?

• Microsoft confirmed that the affected update has been pulled by CrowdStrike, and customers experiencing issues should reach out to CrowdStrike for additional assistance.
• CrowdStrike is actively working with customers to address the issue, and a fix has been deployed, but implementing the fix could be challenging as it may require manual intervention in each affected data center.