What is CrowdStrike?

On Friday morning, July 19, 2024, several airlines, television stations, banks and other essential services ceased operations as shutdowns spread globally. The outage that caused the Blue Screen of Death error on many Windows machines globally involves a software company: CrowdStrike.

CrowdStrike plays a key role in helping companies find and prevent security breaches, claiming to have the 'fastest average time' to detect threats. Since launching in 2011, the Texas-based company has helped investigate many major cyberattacks, such as the 2014 Sony Pictures hack, as well as Russian cyberattacks on the Commission Democratic National Party in 2015 and 2016. As of the evening of July 18, 2024, CrowdStrike's valuation reached $83 billion.

According to CrowdStrike's website, the company also has about 29,000 customers, with more than 500 of them among the Fortune 1000.

But that popularity has put CrowdStrike in a position where it can cause major damage when something goes wrong, as evidenced by the massive offline shutdown of CrowdStrike-based systems and Windows-based hardware yesterday morning. CrowdStrike CEO George Kurtz said Friday that the company is 'actively working with customers affected by a bug found in a content update for Windows servers' while pressing emphasized that this issue is not related to a cyber attack. It also does not affect Mac or Linux machines.

The July 19 outage was tied to CrowdStrike's flagship Falcon platform, a cloud-based solution that combines multiple security solutions into a single hub, including antivirus, protection endpoint, threat detection, and real-time monitoring to prevent unauthorized access to corporate systems.

The update in question appears to have installed faulty software into the core Windows operating system, causing the system to get stuck in a boot loop. Systems are displaying an error message stating "It appears Windows is not loading properly" while also giving users the option to try troubleshooting methods or restart the PC.

'Our software is extremely interconnected and interdependent,' Lukasz Olejnik, a researcher, consultant and author of the book Philosophy of Cybersecurity, told The Verge. 'But in general, there are a lot of weaknesses, especially when there is a software monopoly within an organization'

Although CrowdStrike has rolled out a fix, getting everything up and running is not a simple task. Olejnik told The Verge that this issue could take 'days to weeks' to resolve, as IT administrators may have to gain physical access to the device to get it working again. How quickly it happens depends on the size and resources of the IT team at the company. Olejnik added: 'Some systems in certain cases may not be recoverable, but I expect the majority will be recovered' .

Lesley Montoya

Update 20 July 2024