Tag Archives: CrowdStrike

CrowdStrike Outage To Cost US Fortune 500 Companies $5.4bn



The global technology outage sparked by CrowdStrike’s faulty update will cost US Fortune 500 companies $5.4bn, insurers estimated, as the cybersecurity firm vowed to make changes to prevent it from happening again, The Guardian reported.

The projected financial losses exclude Microsoft, the tech giant whose systems suffered widespread failures in the crash.

Companies in banking and healthcare are expected to be hit the hardest, according to the insurer Parametrix, as well as major airlines. The total insured losses for the non-Microsoft Fortune 500 companies could be between $540m and $1.08bn.

According to The Guardian, a variety of industries are still struggling to rectify the damage from CrowdStrike’s outage, which grounded thousands of flights, caused turmoil at hospitals and crashed payment systems in what experts have described as the largest IT failure in history. The outage exposed how modern tech systems are built on precarious ground, with faulty code in a single update able to bring down operations around the world.

CNN reported insurers have begun calculating the financial damage caused by last week’s devastating CrowdStrike software glitch that crashed computers, canceled flights, and disrupted hospitals all around the globe — and the picture isn’t pretty.

What’s been described as the largest IT outage in history will cost Fortune 500 companies alone more than $5 billion in direct losses, according to one insurer’s analysis of the incident published Wednesday.

The new figures put into stark relief how a single automated software update brought much of the global economy to a sudden halt — revealing the world’s overwhelming dependence on a key cybersecurity company — and what it will take to recover.

The estimates come the same day that CrowdStrike issued a preliminary report on how it inadvertently caused the widespread IT meltdown. It is the most dedicated technical analysis to date of the outage.

Businesses are scrambling to recover – especially Delta Air Lines. Delta is still dealing with fallout from the glitch, as thousands of flights have been canceled. The Department of Transportation is investigating.

TechCrunch reported CrowdStrike, the cybersecurity firm that crashed millions of computers with a botched update all over the world last week, is offering its partners a $10 Uber Eats gift card as an apology, according to several people who say they received the gift card, as well as a source who also received one.

On Tuesday, a source told TechCrunch that they received an email from CrowdStrike offering them the gift card because the company recognizes “the additional work that the July 19 incident has caused.”

“And for that, we send our heartfelt thanks and apologies for the inconvenience,” the email read, according to a screenshot shared by the source. The same email was posted on X by someone else. “To express our gratitude, your next cup of coffee or late night snack is on us!”

In my opinion, it seems like CrowdStrike is trying to make amends for the botched code it used. Perhaps the company learned something from this, and is – hopefully – putting things in place so this never happens again.


Microsoft Says About 8.5 Million Of Its Devices Affected By CrowdStrike



A global tech outage that was related to a software update by cybersecurity firm CrowdStrike affected nearly 8.5 million Microsoft devices, Microsoft said in a blog post on Saturday, Reuters reported.

“We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices, or less than one percent of all Windows machines,” it said in the blog.

A software update by global cybersecurity firm CrowdStrike, one of the largest operators in the industry, triggered systems problems that grounded flights, forced broadcasters off the air and left customers without access to services like healthcare or banking. 

According to Reuters, CrowdStrike has helped develop a solution that will help Microsoft’s Azure infrastructure accelerate a fix, Microsoft said, adding that it was working with Amazon Web Services and Google Cloud Platform, sharing information about the effects Microsoft was seeing across the industry.

Microsoft posted on their Official Microsoft Blog – “Helping our customers through the CrowdStrike outage”

Steps taken have included:

  • Engaging with CrowdStrike to automate their work on a developing solution. CrowdStrike has recommended a workaround to address the issue and has also issued a public statement. Instructions to remedy the situation on Windows endpoints were posted on the Windows Message Center.
  • Deploying hundreds of Microsoft engineers and experts to work directly with customers to restore services
  • Collaborating with other cloud providers and stakeholders, including Google Cloud Platform (GCP) and Amazon Web Services (AWS), to share awareness on the state of impact we are each seeing across the industry and inform ongoing conversations with CrowdStrike and customers.
  • Quickly posting manual remediation documentation and scripts found here
  • Keeping customers informed of the latest stats on the incident through the Azure Status Dashboard here 

NPR reported disruptions caused by Friday’s global tech outage continued into Saturday, as employees of airlines, banks, hospitals and other crucial businesses worked to catch up from the backlog caused by the historic technological meltdown that affected 8.5 million Windows devices worldwide.

Airlines were playing the biggest catchup game, after carriers were forced to cancel thousands of flights on Friday, leaving planes and crews stuck in the wrong locations. As of Saturday afternoon, nearly 1,500 flights across the U.S. had been canceled for the day, with another 4,600 delayed, according to the flight tracking site FlightAware.

Stranded travelers, meanwhile, expressed frustration.

Hospitals, too, were hit with a backlog after being forced to cancel appointments, including elective surgeries. 

Massachusetts General Brigham, a Boston-based hospital, said it was back to being operational on Saturday after canceling all non-urgent surgeries and other appointments on Friday because of the outage.

In my opinion, I can see why stranded travelers, who had their flight canceled, would be upset about this situation. Nobody wants to be stranded in an airport.

 


CrowdStrike Explains What Happened



CrowdStrike put up a blog post that gives some information about what happened recently. Here is part of that blog post:

On July 19, 2024, at 04:09 UTC, as part of ongoing operations, CrowdStrike released a sensor configuration update to Windows systems. Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform. This configuration update triggers a logic error resulting in a system crash and blue screen (BSOD) on impacted systems.

The sensor configuration update that caused the system crash was remediated on Friday, July 19, 2024 05:27 UTC.

This issue is not the result of or related to a cyberattack.

Impact: Customers running Falcon sensor for Windows version 7.11 and above, that were online between Friday, July 19, 2024 04:09 UTC and Friday, July 19, 2024 05:27 UTC, may be impacted.

Systems running Falcon sensor for Windows 7.11 and above that downloaded the updated configuration from 04:09 UTC to 05:27 UTC — were susceptible to a system crash.

Root Cause Analysis: We understand how this issue occurred and we are doing a thorough root cause analysis to determine how this logic flaw occurred. This effort will be ongoing. We are committed to identifying any foundational workflow improvements that we can make to strengthen our process. We will update our findings in the root cause analysis as the investigation progresses.

In addition, CrowdStrike wrote: Systems running on Linux or macOS do not use Channel File 291 and were not impacted.

CNBC reported: Security experts said CrowdStrike’s routine update of its widely used cybersecurity software, which caused clients’ computer systems to crash globally on Friday, apparently did not undergo adequate quality checks before it was deployed. 

The latest version of its Falcon Sensor software was meant to make CrowdStrike’s clients’ systems more secure against hacking by updating the threats it defends against. But faulty code in the update files resulted in one of the most widespread tech outages in recent years for companies using Microsoft’s Windows operating system.

Global banks, airlines, hospitals and government offices were disrupted. CrowdStrike released information to fix affected systems, but experts said getting them back online would take time as it required manually weeding out the flawed code.

The Guardian reported scammers are attempting to use the global CrowdStrike outage on Microsoft Windows systems to steal from small businesses by offering fake fixes, the Australian government has warned.

The Australian Cyber Security Centre warned on Saturday that a number of malicious websites and “unofficial code” were being released, claiming to help businesses recover from the outage. The centre said it “strongly encourages all consumers to source their technical information and updates from official CrowdStrike sources only.”

In my opinion, I think someone really messed up the code that caused many computers to experience BSOD. Fortunately for me, my computer is macOS.