Saturday, July 20, 2024

19th July 2024 - The CrowdStrike "Software Update" that Y2K wished it was!

On July 19, 2024, a faulty software update from CrowdStrike, a leading cybersecurity firm, caused a widespread outage impacting businesses globally. I'm writing this blog post mostly for posterity. I will dive into the context of the outage, its far-reaching effects, and the current remediation efforts.


 

Context: A Flawed Update Disrupts Operations

The culprit behind the outage was a defective update rolled out for CrowdStrike's Falcon tool, specifically affecting Windows machines. This update triggered critical errors, causing systems to crash and hindering essential operations. It's important to emphasize that CrowdStrike has stated this was not a cyberattack.

 

Impact: A Ripple Effect Across Industries

The outage cascaded across various sectors, causing significant disruptions. Here's a glimpse of the widespread impact:

  • Travel: Airlines were heavily affected, with grounded flights due to issues with check-in systems and flight calculations.
  • Finance: Banks and other financial institutions experienced disruptions, hindering critical services.
  • Healthcare: Hospitals and medical facilities faced challenges, impacting patient care.
  • Businesses: Small and large businesses alike grappled with operational slowdowns and service outages.


Remediation: Restoring Systems and Preventing Recurrence

Official remediation advice from CrowdStrike: https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/

CrowdStrike responded to the crisis. They identified the faulty update, isolated the issue, and deployed a fix. Additionally, they've offered resources and support to impacted customers to ensure a smooth recovery.

I found a Reddit thread that was kept updated by the community on the proposed workarounds and solutions.

 

Conclusion: Learning from the Outage

The CrowdStrike outage serves as a stark reminder of our dependence on cybersecurity solutions and the potential consequences of technical glitches. By prioritising robust testing, open communication, and exceptional customer support, CrowdStrike can rebuild trust and ensure a more resilient future.

 
I look forward to learning how the defective software update reached millions of devices worldwide. There will be a lot of lessons for all technologists from this unfortunate incident. Most importantly, since CrowdStrike is a US company, a Congressional Hearing is in order.