From “heaven” to “hell” it seems that he spent only one night, it the company Crowdstrike software threw the world into chaos IT.
A flawed Crowdstrike update today (19.07.24) caused widespread disruption in the IT and financial worlds.
The value of the shares fell sharply, reports Handelsblatt. However, the incident also raises more fundamental questions.
Crowdstrike prefers not to have that global focus. Computer system failures that rocked the global economy today or were caused by a serious mistake by an IT security expert from Austin, Texas.
The software maker, which was previously little known to the public, released the updated version overnight. This resulted in Windows computers crashing, accompanied by the so-called “blue screen of death,” a popular error message in IT circles.
In other words, the program promising protection paralyzed the technology. Because there was no short-term solution, many companies were forced to reduce their operations, be it airlines, car manufacturers, banks or clinics.
Crowdstrike. The reliability of the software is questionable
Systems will likely take hours, if not days, to restore. Well-known IT security expert Troy Hunt, known for his portal “Am I Being Kept?”, has already stated on Platform X that it “The biggest IT disruption in history”.
Whether the maxim is true or not, the incident is likely to spark debate. On the one hand, an IT security expert who has previously garnered positive attention in the industry is under fire.
On the other hand, the question arises again on how business customers should deal with high levels of dependency on individual software vendors.
The incident raises questions software reliability, including between stakeholders.
Within a year, the share price increased by almost 100%. However, today there was a sale. at its peak, the stock lost about 15% of its value.in the first transactions in the USA. Bad luck probably caused it significant damage worldwide. It is still not possible to predict what consequences this will have for the company.
Crowdstrike is one of the big names when it comes to IT security. Founded in 2011 by three former McAfee employees, the company is one of the leading endpoint detection and remediation providers along with Trend Micro, Bitdefender and Microsoft. It’s about protecting devices like computers from dangerous activities like hacking.
Crowdstrike has 29,000 customers worldwide
This is reflected in the numbers. In the previous fiscal year, the end of January the company increased its revenue by 36% to $3.1 billion, most of which came from subscriptions. It generated approximately $940 million in free cash flow and $90 million in net income.
Crowdstrike is particularly known for taking classic antivirus software further, as users know it from their personal computers. Falcon Sensor software is designed to monitor the device like a hawk with sharp eyes, blocking suspicious activities and collecting access analysis data.
However, Crowdstrike released a flawed update for the program that crippled the version for Windows systems. As a result, the systems of many of our 29,000 business customers worldwide were disrupted.
By the way, the geographic concentration of computer chaos is a good description of the company’s most important markets; In addition to the US, they are the UK, Germany, India and Australia.
Some companies in the US faced another problem. Microsoft has reported a failure of its cloud infrastructure in one region. By Friday morning, however, the software maker had mostly restored services such as the Microsoft 365 Office software suite, backup and launch.
Crowdstrike customers should be able to fix the issue with a patch update. However, the software cannot be installed automatically and remotely as it usually is. Instead, IT departments must manually reboot systems using a custom process.
The effort required cannot be precisely estimated, but it is likely to be huge, says Sebastian Schreiber, head of IT security services provider Syss. “The IT departments of all the companies using the product are currently doing nothing else,” he told Handelsblatt.
The incident raises fundamental questions about the protection of IT systems. Syss head Schreiber emphasizes. “IT security software has broad privileges and therefore can also lead to the collapse of an IT system.” In other words, software intervenes deeply in critical processes to prevent risks, with drastic consequences in case of errors.
The IT scientist sees a fundamental problem in the industry. “Multiple security programs increase the complexity of IT systems.” In some cases, there is also a lack of quality. In the past, for example, there were virus scanners that were themselves vulnerable to malware. “The question is, who is looking at the screens?”
Internet industry association Eco also noted dependence on software vendors. Digitization speed can be increased with their products, explained CEO Norbert Pohlmann. However, today’s example shows that it increases the risks.
Polman, professor of internet security at Gelsenkirchen University of Applied Sciences, demanded:Therefore, user companies must clearly define their dependence on software vendors and focus much more on their IT security.”. It’s not just Crowdstrike, the same publication concludes.