The Impact of the CrowdStrike Global IT Outage
On July 19th, 2024, what could be considered history’s largest IT outage occurred following a botched software update from security vendor CrowdStrike. This affected up to millions of Windows systems worldwide. Affected systems included those of airlines, financial institutions, and broadcasters.
Discover the world's top
health insurers.
Compare quotes with
a click of the button.
This Pacific Prime article will delve into the CrowdStrike global IT outage and its impact, along with apologies and responses from CrowdStrike in an effort to prevent such incidents from happening again in the future.
Overview of the CrowdStrike Outage: The Cause of the Outage
CrowdStrike is an endpoint security vendor with the Falcon platform serving as its primary technology, protecting systems from potential threats to minimize cybersecurity risks. The outage was caused by a flaw in the CrowdStrike Falcon platform rather than a Microsoft Windows flaw directly.
Falcon hooks on the Microsoft Windows OS as a high-privileged Windows kernel process, giving Falcon the ability to monitor operations in real time across the US. However, there was a flaw in Falcon sensor’s version 7.11 and up.
This caused a crash resulting in the infamous Blue Screen of Death (BSOD) for various businesses. The days-long outage, grounding planes and affecting other businesses, cost Fortune 500 companies around USD $5.4 Billion in damages.
Affected Businesses
Up to a staggering 8.5 million Windows devices were affected by the CrowdStrike outage. Affected businesses included airlines, healthcare providers, and broadcasters. Below are some of the businesses affected by the CrowdStrike outage.
Broadcasting and Media
Numerous media and broadcasting companies around the world, including the British broadcaster known as Sky News, were severely affected by the outage.
Airlines
The CrowdStrike outage led to severe flight delays and cancellations of over 10,000 flights worldwide. For instance, in the United States, affected airlines included Delta, United, and American Airlines, all of which were forced to cancel numerous flights until the systems were fully restored.
Multiple airports globally were also affected. These included the Amsterdam Schiphol Airport, the Toronto Pearson International Airport, and the Zurich Airport.
Healthcare
Numerous hospitals and clinics around the world saw major disruptions in appointment systems. Additionally, certain states such as New Hampshire, Indiana, and Alaska also had their 911 systems affected.
Finances
Financial institutions and online banking systems worldwide were affected by the outage, as were multiple payment platforms. To make matters worse, many individuals did not get their paychecks as expected.
These are just some of the examples of the businesses affected by the CrowdStrike global IT outage. For further reading on what businesses can learn from the mass IT outage, check out our article in the link below.
What Businesses Can Learn from the Worst IT Outage The World Has Seen
CrowdStrike’s Apology and Prevention Plans for the Future
CrowdStrike’s senior vice president for counter adversary operations, Adam Meyers, told the House Homeland Security Cybersecurity and Infrastructure Protection’s subcommittee in a hearing that the company was “deeply sorry” for the incident and was “determined to prevent this from happening again”.
During the hearing, Meyers went on to clarify that the outage was not due to a cyberattack nor prompted by AI. Rather, the outage was the result of a rapid response content update intended to address new cyberthreats.
Meyers also said that the company had undertaken a “full review” of the systems and begun implementing plans to “bolster our content update procedures” in hopes of emerging from the experience as a “stronger company”.
During the testimony, Meyers listed the following updates to CrowdStrike’s content update procedures to prevent future incidents:
- Customers can now pick their level of update adoption, such as early adopter, general availability, or opt-out/delay.
- The implementation of a new system of “concentric rings” approach for rolling updates.
- Updates are now treated as code updates, consisting of internal testing and phased information.
Conclusion
While sudden cyber incidents can pop up at any time, businesses can always craft a safety net with a business insurance plan, which not only helps cover employees’ medical bills in the event of medical emergencies, but also covers property, liability, and cyber incidents.
While plan selections and comparisons can be time-consuming and detail-intensive, we’re here to streamline the process for you and help you make the best choice for your organization.
As an international health insurance broker and employee benefits specialist with more than two decades of experience, Pacific Prime has offered not only health insurance plans, but also employee benefits solutions for companies.
What’s more, we can also go the extra mile in helping you out by offering completely impartial advice, available at no additional cost. If you have any questions, please don’t hesitate to get in touch with us and get a free quote here for plan comparisons.
- Layoff Insurance: What You Need to Know - October 29, 2024
- The Best Countries for Expat Healthcare - October 15, 2024
- World Mental Health Day: Misconceptions on Mental Health - October 11, 2024
Comments
Comments for this post are closed.
We'll notify you
when our team replies!