Assess the Risk of Browser Extensions Installed in Your Browser. Add to Chrome.×
Home » Spin.AI Blog » Unpacking the CrowdStrike Outage: Causes, Impacts, and Protecting Your Business From Disaster.
July 19, 2024 | Updated on: July 23, 2024 | Reading time 6 minutes

Unpacking the CrowdStrike Outage: Causes, Impacts, and Protecting Your Business From Disaster.

Author:
Avatar photo

Product Manager

A major global IT outage occurred on Friday, July 19, 2024, causing widespread disruptions across various industries and services worldwide. Although recovery is still ongoing, the root cause of this massive disruption was traced back to a defective software update issued by cybersecurity company CrowdStrike for all Microsoft Windows operating systems.

CrowdStrike, a prominent cybersecurity firm founded in 2012, provides security software to numerous enterprise customers, including major cloud platforms like Microsoft Azure, commonly used by countless organizations for their daily software operations. 

What Caused The Global Outage?

The company’s CEO, George Kurtz, acknowledged that a “defect” in a “content update” for Windows devices led to the cascading effect that impacted systems globally. While Kurtz emphasized that this was not a security incident or cyberattack and that the issue had been identified, isolated, and a fix deployed, it highlights a broader need for disaster recovery plans when major companies face network outages, as well as the general risks assumed with the interconnectedness of modern IT infrastructure.

Who Was Affected?

The impact of this outage has been far-reaching and severe, lasting for several hours. During that time, clients could not access critical cybersecurity services, leaving their systems potentially vulnerable to cyber threats, affecting major industries and services globally, including:

1. Aviation: Airlines such as Delta, United, and American Airlines experienced grounded flights and significant delays. Airports worldwide, including those in New York, Tokyo, Delhi, London, and Amsterdam, reported long queues and disruptions.

2. Banking and Finance: Banks in Australia, New Zealand, South Africa, and Britain faced operational challenges. The London Stock Exchange was also impacted.

3. Healthcare: Hospitals in Israel and Germany reported disruptions, with some resorting to manual processes.

4. Retail: Payment systems have been impacted globally, with reports from retail stores, grocers, and airlines unable to process credit cards.

5. Transportation: Railway companies in the UK and across the globe faced delays due to IT issues.

6. Media: Broadcasters like Sky News in the UK experienced service disruptions.

7. Government Services: Emergency services, including 911 systems in multiple U.S. states, were temporarily down.

8. Technology: Microsoft services such as Xbox Live, Microsoft 365, and Teams faced outages.

The scale of the disruption has also led to significant financial implications. CrowdStrike’s stock value has plummeted following the incident, with Microsoft and travel-related stocks also experiencing significant declines.

In response to the crisis, companies and organizations took a variety of actions to attempt to mitigate company damage:

1. CrowdStrike: The company quickly identified the issue, isolated it, and deployed a fix. They advised customers to communicate through official channels and referred them to their support portal for updates.

2. Microsoft: The tech giant initiated “mitigation action” to address the lasting repercussions of the disruption.

3. Government Agencies: The U.S. Department of Homeland Security stated it was working with CrowdStrike, Microsoft, and other partners to assess and address the outages.

Many other organizations, such as ConnectWise, proceeded with their disaster recovery plans, augmenting their staff, rebooting systems, and searching for alternative communication methods (some even resorting to manual workarounds).

As of the latest reports, while a fix has been deployed, some businesses were still grappling with the effects of the outage. The incident highlights the interconnected nature of modern IT systems and the potential for widespread disruption from a single point of failure. It also underscores the critical importance of robust testing and failsafe mechanisms in software updates, especially for companies providing services to a vast network of enterprise customers.

As of now, the official workaround provided by Crowdstrike is to reboot Windows in safe mode, and delete a specific system file:

  1. Reboot your Windows environment in safe mode or the Windows Recovery Environment
  2. Navigate to the %WINDIR%\System32\drivers\CrowdStrike directory
  3. Locate the “C-00000291*.sys file and delete it
  4. Reboot the host normally

Or you can try rebooting your computer 15 times, says Microsoft.

Protecting your company from disasters and outages

This extreme example is a cautionary tale about how disaster can strike your digital network at any moment and highlights the need for well-maintained disaster recovery plans and backups in order to quickly get your business up and running in case a crisis strikes.

Educate your employees on the steps required of them if the unexpected happens, and keep a regular backup of your data to prevent critical data loss.

Keeping manual backups is an option, but partnering with an automated disaster recovery partner is your best bet to avoid human error and maintain up-to-date, regular, and reliable backup systems for your organization.

Additionally, conducting regular drills and simulations can ensure that your team is prepared to respond swiftly and effectively during a crisis. 

By investing in robust cybersecurity measures and continuously monitoring your systems for vulnerabilities, you can mitigate the risks associated with unforeseen disruptions. Ultimately, the key to safeguarding your company lies in a proactive and comprehensive approach to disaster recovery, ensuring that your business can continue to operate smoothly even in the face of adversity.

If you are looking for an all-in-one disaster recovery and backup for your Microsoft data, SpinOne offers the fastest and most reliable solution on the market. Get in touch with our sales team here for a free demo, and set yourself at ease knowing your business’s data is protected from critical data loss when the next disaster strikes.

Was this helpful?

Thanks for your feedback!
Avatar photo

Written by

Product Manager at Spin.AI

Will Tran is the Product Manager at Spin.AI, where he guides the product's strategic direction, oversees feature development and ensures that the solution solves his clients’ cybersecurity needs.

Will is a security professional who started his career at Lockheed Martin where he worked on National Security Space programs in business development and product management.

Will holds a BA in Economics and Mathematics from UCSB and an MBA with a specialization in Technology Management and Marketing from UCLA Anderson School of Management.

At Lockheed Martin, Will developed the multi-year strategy campaign and supported the product development of a national security satellite program for the United States Air Force, which resulted in a multi-billion dollar contract.

During business school, Will consulted 2 non-profit organizations as part of a series of national consulting case competitions. He set strategic priorities, optimized business operations, and developed a process to qualify new revenue streams for his non-profit clients. These initiatives resulted in 15-20% increase in annual surplus.

In his spare time, Will can be found at local coffee shops around Los Angeles, traveling to different countries, or hanging out with his cat.

How Can You Maximize SaaS Security Benefits?

Let's get started with a live demo

Latest blog posts

Brewing Trouble: How a Starbucks Ransomware Attack Poured Cold Wate...

Cybercriminals often carry out attacks around holidays as this helps to ensure the most amount...

Avatar photo

Vice President of Product

Read more

Data Loss Prevention Techniques for 2025 and Beyond

It’s painstakingly clear that data loss is a major challenge facing businesses today. Our experts...

Avatar photo

Vice President of Product

Read more

What is SaaS Security? Challenges & Best Practices

Businesses increasingly rely on Software as a Service (SaaS) for increased efficiency, collaborativeness, and scalability....

Avatar photo

CEO and Founder

Read more