The entire world, or most of it, was in crisis mode for the last 24 or 48 hours, depending on your time zone.
Many people heard the name CrowdStrike for the first time when mainstream media reported on the recent blue screen of death.
A lot has been written about the company and what happened; the CEO of CrowdStrike (George Kurtz) has also explained that a faulty update caused the crash.
According to Microsoft, 8.5 million Windows devices were impacted by this update failure, less than one percent of all Windows machines, estimated at over 1.5 billion.
While CrowdStrike, Microsoft, and other top companies are issuing statements and figuring out how best to remediate the issue, one question is on many people's minds:
Who pushed the update, and how can one update have so much power as to ground so many international flights and disrupt banks, hospitals, etc.?
Who is CrowdStrike?
CrowdStrike, founded in 2011 by George Kurtz, Dmitri Alperovitch, and Gregg Marston, rapidly ascended to become a cybersecurity powerhouse. The company's innovative Falcon platform, launched in 2013, revolutionized endpoint protection with its cloud-based, AI-driven approach.
CrowdStrike gained prominence through high-profile cyber investigations, including the 2014 Sony Pictures hack and the 2015-2016 DNC cyberattacks. Its ability to track state-sponsored hacking groups showcased its advanced threat intelligence capabilities.
Strategic partnerships, notably Google's investment in 2015, accelerated CrowdStrike's growth. By 2017, it achieved unicorn status, followed by a successful IPO in 2019. The company continued expanding through acquisitions like Preempt Security and Humio.
Known for its cloud-native endpoint protection, influential threat intelligence reports, and incident response expertise, CrowdStrike has become a trusted partner for organizations worldwide. Integrating AI and machine learning in cybersecurity sets it apart from competitors.
From startup to industry leader, CrowdStrike's story exemplifies technological innovation and strategic growth in the dynamic cybersecurity landscape.
The Blue Screen of Death and the Future of CrowdStrike
According to a recent CNN analysis, it would take weeks for the world to fully recover from the update issue. While recovery is ongoing, malicious actors have started using the gap to send spam mail posing as support, according to the CrowdStrike monitoring team.
Major stakeholders have started asking questions: Was there no Agile policy in place, and was the update properly tested before being pushed?
For a company this big, it would be irresponsible for such an update to be approved and sent out without proper vetting and approval.
So will companies look for alternatives after this issue, or is there a need to rely less on a single company that, when taken down, can cause major downtime?
On the other hand, companies like Microsoft need a trusted and reliable partner to protect their infrastructure, freeing them to focus on innovating the Windows OS while CrowdStrike provides security and patches when needed.
While this was an unfortunate incident, the reality is that the biggest tech organizations are interwoven and rely on each other, and a hit on any one of them is like a hit on all of them.
This is a security flaw, one that new threat actors would likely try to milk.
Conclusion
The recent global outage caused by CrowdStrike's faulty update highlights the interconnectedness and vulnerability of our digital infrastructure, and as the world recovers, it's clear that a balance must be struck between innovation and reliability. This event serves as a wake-up call for tech companies and clients to reassess their security strategies and disaster recovery plans. Ultimately, the incident underscores the need for greater resilience and diversity in our digital ecosystem to prevent such widespread disruptions in the future.