top of page
Search

CrowdStrike IT Outage: What You Should Know

  • Writer: Muhammad Ikmal Fahmi Bin Che Mohamood
    Muhammad Ikmal Fahmi Bin Che Mohamood
  • Jul 21, 2024
  • 3 min read

Delhi Airport
Delhi Airport had to operate manually. Photo by Frank Meehan at x.com/frank_meehan

In an unprecedented cyber incident, CrowdStrike, a renowned cybersecurity company, experienced a significant IT outage affecting 8.5 million Windows devices globally. Microsoft has now estimated the full extent of the impact, making this potentially the worst cyber event in history.


The disruption stemmed from a corrupted software update released by CrowdStrike, which incapacitated a substantial number of its clients' computers. Microsoft, which is assisting in the recovery efforts, emphasized the scale of the issue in a blog post. David Weston, Microsoft's vice-president, revealed, "We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices." This figure, while less than 1% of all Windows machines worldwide, has broad economic and societal repercussions due to CrowdStrike's extensive client base, which includes many critical service providers.


The Magnitude of the Incident


Microsoft's ability to pinpoint the number of affected devices is due to its performance telemetry, which monitors many devices through their internet connections. The tech giant was quick to clarify that its software was not at fault, underscoring the importance of rigorous quality control in the tech industry. "It’s a reminder of how important it is for all of us across the tech ecosystem to prioritize operating with safe deployment and disaster recovery using the mechanisms that exist,” Weston added.


The fallout from this IT glitch is substantial, positioning it as one of the most severe cyber-incidents on record. The estimated 8.5 million affected devices eclipse the infamous WannaCry attack of 2017, which impacted around 300,000 computers across 150 countries. Similarly, the NotPetya attack a month later and the six-hour outage at Meta in 2021 pale in comparison to the current event.


A Surge in Opportunistic Attacks


In the wake of the outage, cybersecurity experts and agencies globally have issued warnings about a surge in opportunistic hacking attempts. Cyber agencies in the UK and Australia have alerted the public to be cautious of fake emails, calls, and websites posing as official entities.


CrowdStrike's CEO, George Kurtz, advised users to ensure they are communicating with verified representatives from the company before downloading any fixes. "We know that adversaries and bad actors will try to exploit events like this," Kurtz noted in a blog post.

Researchers at Secureworks have reported a notable increase in CrowdStrike-themed domain registrations, indicating hackers are creating websites that mimic official ones to deceive IT managers and the public into downloading malicious software or divulging private information.


Mitigation and Recovery


Cybersecurity agencies worldwide are urging IT responders to rely solely on CrowdStrike's official website for information and assistance. This guidance primarily targets IT managers tasked with restoring their organizations' online operations. However, individuals are also advised to be exceptionally vigilant and act only on information from verified CrowdStrike channels.


Lessons Learned


This incident highlights the critical need for robust quality control measures and disaster recovery plans in the tech industry. It serves as a stark reminder of the potential consequences of cybersecurity lapses and the importance of maintaining high standards in software deployment.


As the situation continues to unfold, affected organizations and individuals must remain alert to the evolving threats and adhere to best practices in cybersecurity to mitigate further risks.


For more information on cybersecurity and the latest updates on the CrowdStrike IT outage, follow our coverage at IF Reporter.



References

  • Tidy, J. (2024, July 20). CrowdStrike IT outage affected 8.5 million Windows devices, Microsoft says. BBC News. Retrieved from BBC News.

  • Weston, D. (2024, July 20). Microsoft's official blog post on CrowdStrike IT outage. Microsoft. Retrieved from Microsoft Blog.

  • Secureworks. (2024, July 20). Report on increased CrowdStrike-themed domain registrations. Secureworks. Retrieved from Secureworks.

  • Kurtz, G. (2024, July 20). Official statement on CrowdStrike's website. CrowdStrike. Retrieved from CrowdStrike Blog.

  • National Cyber Security Centre (NCSC). (2024, July 20). Advisory on fake emails and websites post-CrowdStrike outage. NCSC. Retrieved from NCSC.





 
 
 

Comments

IREPORTER LOGO.png

IF Reporter

As a trusted news source. IF Reporter brings you the latest updates on Malaysia, Southeast Asia, and the world. Our team of expert journalists delivers clear, unbiased, and informative news coverage on a wide range of topics. Whether you're here for leisure or seeking to dive deeper into a specific matter, we add new content daily and ensure each post is easy to search and understand.

60134016904

ifreportermy@gmail.com

18500 Machang, Kelantan, Malaysia

Contact Us

Business Registration Number : 202403101824 (TR0301350-W)

bottom of page