CrowdStrike CEO releases statement on global IT outage


CrowdStrike CEO and founder George Kurtz released an official statement Friday in an attempt to explain to thousands of customers worldwide how the largest IT outage in world history came to be, and how the American cybersecurity firm plans to make sure it never happens again.

Kurtz, who formed the company in 2011, is addressing the CrowdStrike tech failure, which upended multiple industries on a global scale on Friday, from banking to airlines to healthcare systems.

“I want to sincerely apologize directly to all of you for today’s outage,” Kurtz began his statement, adding that “all of CrowdStrike understands the gravity and impact of the situation.”

The widespread outage was caused by a single defect in a recent content update for CrowdStrike Falcon, the company’s endpoint management system, which caused Windows systems to crash and show the infamous ‘Blue Screen of Death.’

"This was not a cyberattack," the company clearly communicated multiple times on various platforms on Friday.

The 'Falcon Sensor' update reaction has affected all customers with "Microsoft Windows hosts impacting Windows 10 and later systems," the US Cybersecurity and Infrastructure Security Agency (CISA) said in an advisory released Friday. Mac and Linux host systems were not impacted, CISA said.

Image: CrowdStrike CEO letter. CrowdStrike statement posted on website July 19th, 2024. Image by Cybernews.

CEO promises 'full transparency'

CrowdStrike first sent a notice to customers at about 5:30 a.m. ET Friday alerting them to the issue, which has since been fixed. But that’s where the complications begin, insiders say.

Based in Austin, Texas, CrowdStrike boasts more than 20,000 subscribers around the world and a market value of $83 billion, according to its website.

CrowdStrike CEO George Kurtz released a statement late Friday afternoon in an attempt to alleviate the backlash reverberating through the IT industry and assure full support to customers.

“As this incident is resolved, you have my commitment to provide full transparency on how this occurred and the steps we’re taking to prevent anything like this from happening again,” Kurtz posted on X with a link to the letter.

“We are working on a technical update and root cause analysis that we will share with everyone as well,” he said.

The statement went on to explain that the company is “operating normally” with Falcon platform systems unaffected, including Falcon Complete and Falcon OverWatch.

“There is no impact to any protection if the Falcon sensor is installed,” he said.

“Nothing is more important to me than the trust and confidence that our customers and partners have put into CrowdStrike,” the CEO said.

“As we resolve this incident, you have my commitment to provide full transparency on how this occurred and steps we’re taking to prevent anything like this from happening again,” Kurtz concluded.

The company has also released a companion statement to impacted Windows customers with more technical details, including several possible workarounds, on its website.

'Every affected computer needs to be rebooted'

Computer scientist, entrepreneur, and X user @raymo_g did not hold back, assessing the situation earlier than most early Friday morning.

“I don't think you guys fully grasp how big this is. Around a billion computers are bricked worldwide, mostly corporate ones,” he posted.

“This isn't just an online service going down for a few hours. Every affected computer needs to be rebooted in fail mode and have a driver manually removed,” the post continued.

Most corporate computers given to employees don't let users do this themselves. Even if they could, imagine every single double-digit IQ wagie trying to handle a moderately complex task when many don't even know what a file is anymore, he said.

“I can't stress enough the scale of this happening,” it concluded.

Failure to diversify

Security expert Aleksandr Yampolskiy, CEO of SecurityScorecard, said it's always been good policy to “get tools from multiple vendors.”

If one firewall from one vendor goes down, you have another vendor who may be more resilient, Yampolskiy explained.

“Today’s global outage is a reminder of the fragility and systemic ‘nth-party’ concentration risk of the technology that runs everyday life: airlines, banks, telecoms, stock exchanges, and more,” Yampolskiy said.

The CEO cited joint research, conducted in May by SecurityScorecard and management consulting firm McKinsey & Company, that shows 62% of the global external attack surface is concentrated in the products and services of just 15 companies.

Even Kurtz's statement addressed the fact that "adversaries and bad actors" will undoubtedly try to "exploit" the CrowdStrike event. "I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike representatives," Kurtz said.

“You need to have diverse systems, know where your single points of failure are, and proactively stress-test through tabletop exercises and simulations of outages,” Yampolskiy said.

“Whether caused by a malicious DDoS attack or a faulty patch update, the end result of an outage is the same: Users are denied access to critical systems,” he added.

CISA said it is working closely with CrowdStrike and federal, state, local, tribal, and territorial (SLTT) partners, as well as critical infrastructure and international partners, to assess impacts and support remediation efforts.