CrowdStrike CEO George Kurtz said in a post on social media platform X that the cause of the massive outage was traced back to a “single content update.” The company said it had deployed a fix for the issue shortly before 3am, but many banks, private and public sector businesses, airports and hospitals were still working to resume normal operations as of midday on Friday.
Here’s what you need to know:
What is CrowdStrike?
According to Reuters, CrowdStrike provides cybersecurity software to more than 29,000 customers, including about 300 of the Fortune 500 companies such as Amazon, Google and Target. The company’s services include protection from malware and ransomware threats, firewall management, cloud security, and tracking and identifying hackers.
The company made headlines in 2016 after working with the Democratic National Committee and cooperating with a government investigation that determined Russian intelligence services had hacked the Democratic Party, and it became the target of right-wing conspiracy theories.
CrowdStrike said Friday’s outage was not the result of a cyberattack, but was caused by a flaw found in a content update pushed to Windows hosts; Mac and Linux systems were not affected.
How long will the outage last?
Because so many Windows machines running CrowdStrike software around the world were affected, it may take a significant amount of time for systems to return to normal even after the company’s fix.
Many of the affected systems are continually crashing in what’s known as a boot loop. Recovering them requires rebooting into safe mode and manually removing the files that CrowdStrike has identified as problematic, a process that must be done one machine at a time.
“I don’t think it’s too early to tell. This will be the biggest IT outage in history,” Troy Hunt, an Australian security consultant and founder of hack-checking site Have I Been Pwned, said in an X post early Friday morning.
Cooper said she couldn’t remember an outage that lasted this long or was this severe.
Levent Ertaoğlu, a professor and cybersecurity researcher at California State University, East Bay, said it could take days for all affected companies to recover and that the outage would have a “cascading” effect on industries such as air travel.
“The big thing for us about this case is two things: Number one, how dependent we are on technology, how dependent our lives are on technology, and number two, how vulnerable that technology is,” he told KQED.
Why is this important?
Concerns about widespread outages are not new, Cooper said, and experts have been wary of these types of disruptions for nearly a decade.
“We’ve been prepared for the possibility of a major service interruption like this for a long time,” she said.
But even in the past few years, advances in technology have expanded how widespread the impact of an outage can be. For example, email and digital storage systems, once separate, are now often connected. CrowdStrike’s cybersecurity software is itself an interconnected digital system.
“The potential for disruption has been around for years, but the way technology evolves means the risk of a single change impacting every system may potentially be higher than it was even a few years ago,” she told KQED.
Going forward, companies will need to plan for these scenarios in case another code flaw or cyber attack targets similar systems.
“As a company, you have to think for a second: ‘What if our systems went down? What if on a certain day we couldn’t access our email, we couldn’t access our financial systems, as an airline we couldn’t see our flight manifests?’” Cooper said.
She said even small things like making sure employee contact information is kept outside of the digital software they use can help businesses maintain operations or resume them more quickly if an outage occurs.
“And assuming those systems go down for not just minutes, but hours or even days, how do you recover?”
KQED’s Sukey Lewis contributed to this report.