CrowdStrike’s Major Blunder: The Day Blue Screens Took Over the World
What Happened on July 19th?
On July 19th, 2024, computers worldwide went down, spiraling into a reboot doom loop before inevitably blue-screening and becoming unusable. At first glance, since only Windows computers were affected, it was easy to point the finger: the issue must have been caused by a faulty Windows update. As it turns out, though, Microsoft was not directly responsible for the outage.
CrowdStrike Enters the World Stage
“CrowdStrike”, one of the world’s largest cyber-security providers, based out of Austin, Texas, makes software used by massive organizations, government agencies, and a plethora of other businesses: software that is meant to act as an antivirus, protecting against hackers and online intruders.
And therein lies our culprit:
A faulty update that CrowdStrike pushed out to its Windows users caused the worldwide outage of Microsoft systems, triggering the doom loops and subsequent blue screen of death. This much was even confirmed by the Chief Executive of CrowdStrike, George Kurtz. The update was pushed on 18th July 2024, and the next day computers across the globe began crashing.
Satya Nadella, the Chief Executive at Microsoft, also stepped onto the world stage, publicly blaming CrowdStrike for the fallout. He claimed that Microsoft was now working tirelessly to help customers bring their systems back online. And while this outage did not affect Apple and Linux users, this is not the first time CrowdStrike has been responsible for events such as this.
In April the company had pushed another faulty update that caused Linux systems to fail similarly (though this update was separate from the one behind the recent Windows crash). This mass crash was identified in an internal report by CrowdStrike that was sent to customers and then acquired by the New York Times. CrowdStrike took nearly five days to diagnose and resolve this Linux-crashing update. Within the report, the company promised to pay closer attention to its updates and testing procedures going forward.
Effects and Musings
The recent outage affected more than just IT companies, though. Computers in hospitals, banks, airports, and even the civil service went down as the machines managing their systems began blue-screening. Hospitals were forced to cancel non-critical surgeries. Major flights were grounded until the issue could be resolved. In the case of the United States, even 911 lines were down as a result.
B.J. Moore, the chief information officer for Providence Health, which has 52 hospitals in seven states, said, in response to the crash, that 15,000 servers were down and 40,000 out of Providence’s 150,000 computers were affected, claiming that the fallout was “worse than a cyberattack.”
The massive and widespread fallout of such a global system failure brings to attention the truly fragile nature of our international systems. Leaning on a single popular operating system, and even further on a single global security provider, leaves us open to such devastation in the future as well. Such an event may be an active call for diversifying operating systems and solutions, and even an eye-opener to the dangers of a monopoly on such technical factors.
It is no secret that CrowdStrike is one of the biggest security providers internationally, if not the biggest, and their recent acquisitions and growth only serve to strengthen the argument. The diversification of such systems internationally means hiccups like this leave a more limited and manageable impact in the long run.
The Fear of a Cyber-Attack
Early on, during the catastrophe that overtook the 19th of July, many were worried that the worldwide systems crash may have been the work of hostile cyber-attackers. To put this fear to rest, the UK’s Ministry of Defence said it was tracking the situation and was unaffected. It was not aware of any involvement of “hostile actors”, and other heads of government within the UK have also now moved past the claims that there may have been some kind of malicious intent or actor causing this behind the scenes. Peter Kyle, the secretary of Innovation and Technology in the UK, has further stated that he and the Government of the UK are attempting to better understand and devise more appropriate responses to similar situations in the future.
The Aftermath and Solutions
We return to the active solution employed at the tail of the outage... Computers affected by this issue need to be individually turned off, booted in safe mode, and then have the specific file causing the issue deleted from their drives.
Lukasz Olejnik, an independent cybersecurity researcher and consultant, claimed that while the solution was simple, it was still time-consuming. Major organizations with a dedicated IT staff may be able to bounce back from this fairly quickly, but the same did not apply to smaller organizations or teams without dedicated IT staff, and so the fallout from this outage may take some time to fully resolve.
The tricky thing about cyber-security updates on your computer is that, unlike iPhone updates, which can, for example, be rolled back for bug-fixing, updates to anti-virus and anti-malware software can be far stickier.
Antivirus software requires full, unhindered control of your system to do its job; Thomas Parenty, a cybersecurity consultant and a former U.S. National Security Agency analyst, claims as much. So tampering with an update is not as simple once it has been deployed.
George Kurtz came on to NBC’s Today show to offer a formal verbal apology for the chaos this update caused, saying, “We’re deeply sorry for the impact that we’ve caused to customers, to travellers, to anyone affected by this,” taking full responsibility for the ensuing chaos and stating that a software fix has been rolled out but it may still be some time before all systems return to normal.