What is CrowdStrike and how did it crash so many business computers?
A faulty CrowdStrike update may have caused global IT issues
Thousands of organizations around the world have been unable to operate properly, due to a major bug that affected most of their Windows computers. Among them are UK broadcaster Sky News, major airline Ryanair, the Berlin airport, and many, many others, all of whom reported the dreaded Blue Screen Of Death (BSOD) and a recovery boot loop issue that prevented their computers from starting up.
It would appear that behind this global outage is a faulty update issued by CrowdStrike.
“We have widespread reports of BSODs on Windows hosts, occurring on multiple sensor versions,” CrowdStrike said in a support note issued at 1:20AM ET, The Verge reported.
So, what is CrowdStrike, and how did a single update cause so much havoc everywhere?
CrowdStrike endpoint security and threat intelligence
CrowdStrike is a cybersecurity technology company, which specializes in cloud-delivered endpoint protection. It was founded in 2011, and has since developed a range of products and services that prevent cyber threats, and detect attacks. Furthermore, the company works on threat intelligence, analyzing and reporting on the latest trends and threats in the cybersecurity community.
CrowdStrike’s flagship product is Falcon, a sophisticated cybersecurity platform designed to protect endpoints through a cloud-native architecture. Its key selling points include advanced threat detection, prevention, and response. Its next-gen antivirus (NGAV) uses machine learning and behavioral analysis to tackle a wide range of threats such as malware, ransomware, and even zero-day exploits.
The platform also includes endpoint detection and response (EDR) capabilities, which continuously monitor endpoint activity to detect suspicious behavior, and since it’s cloud-native, it can easily scale and manage large volumes of data. What’s more, it allows the tool to be updated and maintained seamlessly.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
CrowdStrike Falcon also comes with integrated threat intelligence services, which provide organizations with up-to-date information on emerging threats and vulnerabilities. The data comes from millions of sensors worldwide.
Apparently, the outage was caused by a faulty update to the Falcon product. “CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor,” CrowdStrike said in a recorded phone message, CNBC reported.
Rich history
CrowdStrike was founded in 2011 by George Kurtz, Dmitri Alperovitch, and Gregg Marston, and since its inception it was involved in a number of high-profile cybersecurity cases. For example, its 2014 report resulted in five Chinese military hackers being charged with attacking U.S. companies' computers for trade secrets. It placed Energetic Bear, a Russian state-sponsored threat actor, in the limelight, and helped attribute the 2014 Sony Pictures hack to North Korean state-sponsored attackers.
According to Stock Analysis, its current valuation is $80.58 billion. Its latest financial results reports show that it has more than 20,000 customers and that it’s breaking records in terms of annual recurring revenue, total revenue, cash flow operations, and more.
More from TechRadar Pro
- Windows Blue Screen of Death crisis: what we know so far
- Here's a list of the best malware removal tools around today
- These are the best endpoint security tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.