CrowdStrike: A Key Player in Cybersecurity
Several industries, including airlines, banks, automobile manufacturers, hospitals, media, and others, experienced significant downtime on Friday due to a Microsoft Windows device outage. Users throughout the world, including India, reported seeing a blue screen of death upon booting their devices.
CrowdStrike Holdings, Inc. is an American cybersecurity technology business headquartered in Austin, Texas. It gives cloud workload protection, endpoint security, threat intelligence, and cyberattack response services.
CrowdStrike was created in 2011 by George Kurtz (CEO), Dmitri Alperovitch (former CTO), and Gregg Marston (CFO, now retired). The next year, they took on Shawn Henry, a former Federal Bureau of Investigation (FBI) official, to run the company CrowdStrike Services, Inc., which gave security and response services. CrowdStrike Falcon, which gives endpoint protection, threat intelligence, and attribution, was the company’s first product, kicked off in June 2013.
Historical Investigations and the Recent Update Issue
The company has been involved in investigations into many high-profile cyberattacks, including the Sony Pictures hack in 2014, the Democratic National Committee (DNC) cyberattacks in 2015-16, and the DNC email dump of 2016. A defective update to its security software triggered global computer disruptions, affecting air travel, banking, television, and other businesses.
Following the Sony Pictures breach, CrowdStrike discovered evidence accusing the North Korean government and explained how the attack was carried out.
Impact on Microsoft’s Cloud Services
The outage was caused by a botched update from CrowdStrike, which oversees end-point security for several companies worldwide, including Microsoft. Overall, Microsoft’s portfolio of services, including Azure, Outlook, and Teams, was impacted throughout the day.
The Blue Screen of Death Explained
CrowdStrike, a Texas-based cybersecurity company, offers real-time threat management and detection to other businesses. On Friday, the corporation released an update to its security management systems, which was designed to improve protective features. The update, however, caused a conflict with Microsoft’s cloud service infrastructure, resulting in numerous devices displaying the blue screen of death.
The blue screen of death message appears in Windows when a critical issue causes the system to shut down or restart to prevent additional damage.
According to experts, CrowdStrike’s update created a fault in Microsoft’s servers, resulting in an unusual surge of traffic, forcing all services to cease responding to user queries.
This downtime affected all industries that used the CrowdStrike service to secure their devices. Banks and airlines experienced the greatest impact. Several airlines throughout the world were compelled to stop their aircraft and ask passengers to rearrange their flights.
Indian Airlines Severely Affected
Indigo, Akasa, Air India, SpiceJet, Air India Express, and other Indian carriers were forced to ground their planes. According to industry sources, about 300 flights have been canceled thus far, with approximately 200 for market leader Indigo alone as of 6 p.m. Cirium, a global aviation consulting business, reports that about 3,600 scheduled flights originate from Indian destinations.
Response and Resolution by CrowdStrike
Following the outcry, CrowdStrike worked to find the bug that was causing the outage and roll back the update. In a statement, the company said it had also provided a patch for the problem, which would allow users to log back into their systems.
The Indian Computer Emergency Response Team (Cert-In), the government’s central authority for all cybersecurity-related problems, affirmed that, while the fix has been given up, users should boot their machines into safe mode or the Windows recovery environment.
Expert Insights on the Importance of Product Diversity
With the blackout like the one that occurred on Friday deepens the outcomes of low-diversity products and services, according to Jake Moore, the global security advisor at cybersecurity firm ESET. “Where diversity is low, a single technical incident, not to mention a security issue, can lead to global-scale outages with subsequent knock-on effects,” according to Moore.