Cyber outage affects Crowdstrike customers

A global cyber blackout caused significant instability in banks, media companies, airlines and operators around the world early on Friday. The cause was an update to the Falcon software from cybersecurity company Crowdstrike.

Falcon serves to provide greater security for systems such as Azure and helps detect possible hacker intrusions. The flaw caused Microsoft Windows to crash and display a blue screen. As a result, Microsoft Teams, PowerBI and Fabric applications became unstable.

Crowdstrike is actively working with its customers impacted by a defect found in a single update for Windows servers. Mac and Linux servers were not affected; this was neither a security incident nor a cyberattack. The problem has been identified, isolated, and the process to fix it is underway,’ said Crowdstrike CEO George Kurz.

‘The problem has been identified, isolated and a fix is being made. We have referred customers to the support portal for the latest updates and will continue to offer full and continuous updates on our website,’ he added.

Microsoft said, in a post on the social network X (formerly twitter), that it has taken action to reduce the problem. ‘Our services are still showing continuous improvements while we continue to take mitigation actions.’

CrowdStrike Falcon works as a security system against external threats, using state-of-the-art technology. The company is a leader in the sector and uses artificial intelligence in its services and provides security for 300 of the 500 largest companies in the United States.

Domino effect

To operate, companies depend on other companies. Suppliers of critical infrastructure, software, hardware and service providers are all part of an interconnected chain. A failure at one of these ends, depending on the context and its essentiality, can compromise a significant number of organisations, generating a clear domino effect. In this scenario, assessing which third parties are key to your organisation’s survival and preparing contingency plans is essential. This is far from meaning that adverse and unavoidable events will not arise along the way, like the one we are experiencing today, for example.

There is no silver bullet

The incident has taught experts a few lessons. The biggest is that there is no such thing as perfect or unshakeable security. No software is immune to bugs or errors. There are no human beings who, even after being trained dozens of times, can’t make a slip and click on a link they shouldn’t have.

Therefore, there is no silver bullet that can prevent every cyber-attack or security incident, no matter how good the protections are.

What’s the solution?

Personal devices, such as your private notebook or mobile phone, were probably not affected, as the flaw is mainly affecting companies.

Microsoft is advising customers to try the old method of switching their device off and on again.

Since 2011, Falcon has been present in the systems of governments and large corporations, such as global banks, health and energy companies, among others.

Since it is part of Microsoft, one of the main impacts has been on devices running Windows around the world.

CrowdStrike has also become famous to the general public for investigating attacks by major hackers, such as the hacking of Sony Pictures’ computer system in 2014.