CrowdStrike’s Oversight Could Top $1 Billion in Damages
22 July 2024
On July 19, a software update triggered the largest IT disruption in history.
Friday’s outage, which caused devices using Microsoft operating systems to show the “blue screen of death,” impacted government services, businesses, and critical infrastructure across the nation, including emergency call centers, banks, airlines, hospitals, and more.
Microsoft attributed the incident to a faulty software update from cybersecurity firm CrowdStrike, and the widespread impact shows the significant market share both companies hold, as well as vulnerabilities in the model of over-the-air software updates. The larger the market share for platforms such as Microsoft operating systems, the more far-reaching the effects.
This incident underscores the importance of diversification in IT security and network infrastructure vendor selection, and the potential risks of centralized dependencies in IT infrastructure. It is estimated that damages are likely to be around $1 billion as more information about ongoing issues unfolds.
How Did CrowdStrike Break the Internet?
A statement from CrowdStrike disclosed that the outage was caused by bad code in a content update to its “Falcon” cybersecurity defense software for Windows operating systems. Notably, Apple and Linux systems remained unaffected. CrowdStrike confirmed that it was the cause of the outage and that the outage was not the result of a cyberattack.
While software update bugs are common, they typically go unnoticed by end users. This was not the case on Friday. This one had widespread repercussions, affecting everything from 911 call centers to the Starbucks mobile app.
As technology platforms become more consolidated into a few key players, the potential for more global incidents such as this one becomes more evident and more dangerous.
CrowdStrike and Microsoft Market Share
CrowdStrike is utilized by over half of Fortune 500 companies. Microsoft’s Windows OS holds a commanding global presence, powering an estimated 85% of productivity software used by the federal government, according to Mississippi Rep. Bennie Thompson, in a House Committee on Homeland Security session.
With technology platforms operating on a global scale, reliance on organizations like Microsoft becomes unavoidable. CrowdStrike and Microsoft illustrate the evolution of platform dominance in technology.
Will Congress Get Involved?
Following the outage, lawmakers and cybersecurity experts quickly debated whether Congress or the Biden administration should enforce stricter regulations to prevent further disasters. Some suggested that companies and governments implement redundant systems to ensure operational continuity during system failures. While these measures entail much higher overhead costs, it is essential to avoid future disruptions.
The government’s challenge in enforcing these regulations is that it also needs to adopt similar measures itself, which is both expensive and time-consuming. The U.S. Government is one of Microsoft’s largest clients.
Outages of this nature are likely to happen again, with the risk of more serious consequences. This CrowdStrike incident demonstrates how both public and private sectors need to invest in better protections and backup solutions.
Some experts believe that the existing systems are sufficient and that CrowdStrike alone is responsible for the outage, attributing it to a quality control failure rather than a malicious act, and that regulation is unnecessary, as market forces will naturally drive customer decisions.
However, this could require new regulation of cybersecurity investments and best practices, as a bailout for a key player like CrowdStrike would ultimately burden taxpayers.
Department of Homeland Security Concerns
The Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) have established a network of public and private partnerships to address global cyber incidents, recognizing the necessity of collaboration. CISA emphasizes the importance of educating the private sector on response protocols for cyberattacks and cybersecurity updates, underscoring that the government cannot manage these challenges alone.
CISA announced its awareness of a widespread outage affecting Microsoft Windows hosts due to a CrowdStrike update. The agency is collaborating with partners to assess the impact and support remediation efforts. Additionally, CISA has issued warnings to its network about potential phishing and malicious activities exploiting the incident.
What Happens Now with CrowdStrike?
For CrowdStrike, this is likely to pose long-term damage to its brand, reputation and stock price. Clients of CrowdStrike and Microsoft might consider exploring alternative or redundant vendors, and reconsider their cybersecurity strategy.
Reliance on a single cybersecurity tool poses a significant single point of failure. A multilayered approach involving various vendors helps ensure business continuity and safeguard critical operations.
While implementing redundancies in infrastructure may be initially costly, it is a worthwhile investment to maintain trust between businesses and their valued clients. This should serve as a wake-up call for all businesses to reassess their testing protocols and update processes to prevent potential future catastrophes.