The July 2024 CrowdStrike-Microsoft incident led to a global IT outage, impacting numerous sectors, including airlines, healthcare, and the financial industry. Here’s a summary of the key events.
Cause of Outage: On July 18, 2024, CrowdStrike released a software update for its cybersecurity platform, Falcon. This inadvertently caused widespread disruptions to IT systems platformed on Microsoft Windows. It affected approximately 8.5 million Windows devices worldwide.
Grounding of flights, disruption to healthcare services, and international payment systems were disrupted. Major airlines, including Ryanair and United, suffered delays and cancelled flights. Hospitals postponed surgeries and closed outpatient departments.
Microsoft quickly pointed out the incident was not their fault but a defect in CrowdStrike's FALCON update. Microsoft engineers assisted affected customers working with CrowdStrike to develop solutions and keep users informed internationally.
CrowdStrike's CEO, George Kurtz, confirmed the technical issue, attributing it to faulty code not the result of a cyberattack. He regretted the disruption caused to customers and outlined steps they had taken to rectify the situation.
Economic and Security Concerns: The incident highlighted the vulnerabilities in global IT systems, where a single software update can cascade across various sectors. Experts noted this was not a cyberattack, but raised concerns about the reliance on shared platforms. The potential national security implications of such widespread outages are enormous and need review.
Recovery from the outage is ongoing, with many organisations continuing to restore full functionality. The HSE and UK NHS have issued advisories to assist hospitals in managing the aftermath of the disruption. This incident serves as a reminder of the need for extra rigorous testing and carefully staged deployments in software updates, particularly for systems that play vital roles across vital public services such as hospitals, Public Transport and payment systems.
CrowdStrike found a programming flaw, called a “logic error”, as the culprit in the outage. However, the sensor configuration update to Falcon triggered the logic error.
The error sent affected Windows servers and PCs into an infinite loop, leading to a system crash and “blue screen of death.”
The sensor configuration update that ultimately triggered the logic error was released to Windows systems shortly after midnight, July 18th, early Friday morning.
“Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform,” CrowdStrike said.
For an unknown reason, “this configuration update triggered a logic error resulting in a system crash and blue screen (BSOD) on impacted systems,” the company said.
“We are doing a thorough root cause analysis to determine how this logic flaw occurred,” CrowdStrike said. In the IT world, logic errors are well-known for causing “infinite loops” that cause the continual consumption of CPU resources and lead to a system crash, also known as a “blue screen of death.”
It has fallen from roughly $345 to $270. A 20% or so fall.
Talk with an Expert about protecting your organisation
Reports from various sources suggested 125 of Fortune 500 were affected, with average losses of nearly $45 million. One of the biggest industries hit during the was airlines including Europe's largest airline Ryanair. Reports say it will cost six of the Fortune 500 airlines approximately $860 million,
CrowdStrike (CRWD) is fighting Delta Air Lines's claims that it was responsible for the massive outage that caused thousands of flight cancellations in July. The outage, which occurred at the peak of the summer travel season, cost Delta an estimated $500 million in damages, the only period of the year when airlines make real profits. Crowdstrike Stock price has fallen from nearly $395 to just over $200, but still has a market cap (CRWD) of $50 billion.
Delta CEO Ed Bastian has publicly stated the airline will pursue legal action against CrowdStrike and Microsoft to recoup its losses. However, CrowdStrike has countered these claims, stating that its CEO offered onsite assistance to Delta during the crisis which Delta refused. The company has also emphasized that its liability is limited to less than 10 million.
The dispute between the two companies is escalating, with legal teams exchanging letters and Delta requesting lots of documentation related to its IT infrastructure and outage management. Ryanair, also hit are said to be considering its options at the moment.
Articles, links and connections from the BeSecureOnline site you might find interesting
Get the latest updates in your email box automatically.
Your nickname:
Email address:
Subscribe