If you tried to take a flight today, withdraw money from your bank, or even call 911 (yikes), there’s a good chance you were impacted by this morning’s CrowdStrike outage. The issue took down whole fleets of corporate Windows PCs around the world, and it wasn’t even malicious. Instead, the problem stems from a faulty update the cybersecurity firm pushed out overnight. IT departments are currently implementing fixes and executives are issuing apologies, but who is CrowdStrike, and how did we even get here?
Who is CrowdStrike?
Microsoft’s built-in Windows Security tools are probably enough for most people, but businesses need some extra protections. That’s where CrowdStrike comes in. The company, which launched in 2011, focuses largely on assessing data risks and finding leaks and other vulnerabilities. It’s had some big wins in the past, including finding the source of 2014’s Sony Pictures leak and investigating the 2015 and 2016 Russian cyberattacks on the Democratic National Committee. According to Reuters, the firm has about 29,000 customers and reported $900 million in revenue during its latest financial quarter.
It’s hard to imagine all that coming to an end because of one bad update on one product out of many, but the results of the error have been disastrous, grounding over 3,000 flights globally, among numerous other issues. The company is down over 9% on the NASDAQ at time of writing.
How did this happen?
The problems started with an update to CrowdStrike’s Falcon Sensor, one of many services the company offers, which protects cloud-based files. If there’s any silver lining, it’s that the issue should not directly affect personal computers, since CrowdStrike is enterprise level software. It also wasn’t a hack or leak, so companies don’t need to worry about their data falling into the wrong hands.
At the same time, the broken file introduced by the update is proving difficult to remove, with airlines continuing to ground flights and delivery trucks facing delays despite good weather.
While CrowdStrike works with Windows, Mac, and Linux, only Windows clients are facing outages at the moment. Microsoft told the BBC that it’s aware of the issue, but left the onus for the fix on CrowdStrike.
Who uses CrowdStrike?
While you might not experience the outage on your personal machine, you could still be impacted if you do business with a company that’s having issues. CrowdStrike clients include Google, Amazon, Intel, and Target, so even remote workers who never touch an airport could run into problems with everyday tasks like grocery shopping.
What happens next?
CrowdStrike has issued a fix for the problem, but it’ll take some time for it to be implemented, since it requires painstakingly removing the problem file from every affected computer, either through continual reboots or by searching for it in a recovery environment.
As for CrowdStrike itself, the company dropped 12% in premarket trading on Friday, down from its market value of $83.5 billion at Thursday’s close.
Given the scope of the issue, regulators are also likely to step in, although official statements are still forthcoming. In the meantime, affected computers including airport flight departure screens are still showing the dreaded blue screen of death error.
CrowdStrike is not the only company of its kind, with competitors like Palo Alto Networks and Zscaler offering similar services. Palo Alto’s market capitalization is currently $104.87 billion, and it’s possible today’s debacle will only contribute to its lead.
Today’s hardships may also bolster Mac and Linux sales, as while the outages companies are facing today largely stem from CrowdStrike, Microsoft has confirmed more minor issues with its Azure cloud services, leading some news sites to simply refer to the problem as a “Microsoft outage” or “Windows outage.”
