Crowdstrike is facing intense scrutiny after admitting a faulty software update had caused global chaos. But what do we know about the cybersecurity firm?
ADVERTISEMENTIn what for some may appear like the plot of the 2023 film Leave The World Behind becoming reality, most of the planet woke on Friday to the news of a global IT meltdown.
Thousands of flights have been grounded, airports are in disarray, customers have been unable to access their banking or pay for goods using cards, patients unable to see doctors or have surgeries, and more.
Cybersecurity firm Crowdstrike has since admitted that the cause of the outage was a "defect" in a Windows software update with its CEO George Kurtz advising that the company’s engineers were working to resolve the issue and had found a fix.
But what do we know about the company whose software has inadvertently brought the world to its knees?
What does Crowdstrike do?
Launched in 2012, the cybersecurity firm claims to offer customers “the world’s most advanced cloud-native platform” to detect and block hacking threats.
According to its website, the company provides services to 298 companies on the Fortune500 list, as well as top tech and automotive companies and healthcare providers.
These encompass many of the companies impacted by Friday’s outage, including Microsoft, airlines like United and American Airlines in the US, KLM, Turkish Airlines, Ryanair, and more.
What caused the outage?
Kurtz issued a statement on Friday admitting that the outage was caused by a faulty patch for Windows.
"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," he said.
"Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed".
The issue appears to be with a Windows update of its Falcon Sensor software which is causing Blue Screens of Death (BSODs), an error message which appears on Windows systems when the computer’s activity is interrupted and reverts instead to a blue screen.
Other machines, like Mac and Linux computers, are not impacted, according to Crowdstrike.
On X, Kurtz took heat for not apologising on behalf of the company for the chaos the outage had caused, as well as questions about why the patch hadn’t been tested first before being rolled out worldwide.
User David Hajek (@hajekd) replied to Kurtz’s statement saying: "Missing we screwed up and we are sorry".
Will Guyatt (@willguyatt) added: "Where's the apology to users, George?"
ADVERTISEMENTAmeer (@SynthPotato) posted: "Bro just stopped the entire world and probably caused millions in damages and doesn’t even apologise".
Later on Friday, Kurtz issued a subsequent statement offering his apologies and reassuring customers that they were still protected from cyberattacks.
"Today was not a security or cyber incident. Our customers remain fully protected," he said.
"We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption. We are working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on," Kurtz added.
ADVERTISEMENTWhat happens now for Crowdstrike?
The company is facing a massive hit to its share price and revenue, with unofficial trading on Friday wiping as much as 20 per cent - estimated at around $16 billion (€14.7bn) - off its valuation.
The company recovered some of its losses later on Friday when trading opened, with the shares down at 15 per cent, the equivalent of €12.5 billion (€11.5 billion) wiped off its value.
Its engineers said there is now a fix and that it is being deployed, but experts believe we could face prolonged disruption as the company’s thousands of customers will need to work on restoring all of their systems and machines.
