What Is CrowdStrike, the Company Behind Today's Global Tech Outage?
If you tried to take a flight today, withdraw money from your bank, or even call 911, there’s a good chance you were impacted by the CrowdStrike outage Friday morning. The issue took down whole fleets of corporate Windows PCs around the world, and it wasn’t even malicious. Instead, the problem stems from a faulty update the cybersecurity firm pushed out overnight. IT departments are currently implementing fixes and executives are issuing apologies, but who is CrowdStrike, and how did we even get here?
Who is CrowdStrike?
Microsoft’s built-in Windows Security tools are probably enough for most people, but businesses need extra protections. That’s where CrowdStrike comes in: The company, which launched in 2011, focuses largely on assessing data risks and finding leaks and other vulnerabilities. It’s had some big wins in the past, including finding the source of 2014’s Sony Pictures leak and investigating the 2015 and 2016 Russian cyberattacks on the Democratic National Committee. According to Reuters, the firm has about 29,000 customers and reported $900 million in revenue during its latest financial quarter.
It’s hard to imagine all that coming to an end because of one bad update on one product out of many, but the results of the error have been disastrous, grounding over 3,000 flights globally, among numerous other issues. The company is down over 11% on the NASDAQ at time of writing.
How did this happen?
The problems started with an update to CrowdStrike’s Falcon Sensor, one of many services the company offers, which protects cloud-based files. If there’s any silver lining, it’s that the issue should not directly affect personal computers, since CrowdStrike is enterprise-level software. It also wasn’t a hack or leak, so companies don’t need to worry about their data falling into the wrong hands.
At the same time, the broken file introduced by the update is proving difficult to remove, with airlines continuing to ground flights and delivery trucks facing delays despite good weather.
While CrowdStrike works with Windows, Mac, and Linux, only Windows clients are facing outages at the moment. Microsoft told the BBC that it’s aware of the issue, but initially left the onus for the fix on CrowdStrike, before CEO Satya Nadella later posted that Microsoft is now "working closely with CloudStrike" on providing customers with technical support.
Who uses CrowdStrike?
While you might not experience the outage on your personal machine, you could still be impacted if you do business with a company that’s having issues. CrowdStrike clients include Google, Amazon, Intel, and Target, so even remote workers who never touch an airport could run into problems with everyday tasks like grocery shopping.
What happens next?
CrowdStrike has issued a fix for the problem, but it’ll take some time for it to be implemented since it requires painstakingly removing the problem file from every affected computer, either through continual reboots or by searching for it in a recovery environment. In the meantime, CEO George Kurtz said in an apology post that "all of CrowdStrike" has mobilized to provide support. He also assured users that, aside from the faulty update, CrowdStrike's protections continue to operate as usual, although he warned that bad actors may try to take advantage of the situation by falsely posing as CrowdStrike representatives. Users are encouraged to ensure they're speaking to official CrowdStrike staff while troubleshooting the error.
As for CrowdStrike itself, the company dropped 12% in premarket trading on Friday, down from its market value of $83.5 billion at Thursday’s close.
Given the scope of the issue, regulators are likely to step in, although official statements are still forthcoming. In the meantime, affected computers including airport flight departure screens are still showing the dreaded blue screen of death error.
CrowdStrike is not the only company of its kind, with competitors like Palo Alto Networks and Zscaler offering similar services. Palo Alto’s market capitalization is currently $104.87 billion, and it’s possible today’s debacle will only contribute to its lead.
Today’s hardships may also bolster Mac and Linux sales, as while the outages companies are facing today largely stem from CrowdStrike, Microsoft has confirmed more minor issues with its Azure cloud services, leading some news sites to simply refer to the problem as a “Microsoft outage” or “Windows outage.”
The tech company CrowdStrike, known for its focus on assessing data risks and finding vulnerabilities, launched in 2011 and has a significant client base including Google, Amazon, Intel, and Target. Despite its positive track record, such as investigating the 2015 and 2016 Russian cyberattacks on the Democratic National Committee, the company recently faced an issue with a faulty update to its Falcon Sensor, causing widespread outages among its Windows clients.
The breakdown in CrowdStrike's Falcon Sensor, a service that protects cloud-based files, affected numerous businesses globally, leading to disruptions in various services like airlines grounding flights and delivery trucks facing delays. While the company has issued a fix, removing the problematic file from every affected computer has proven to be a complex and time-consuming process.
