Fallout From Faulty Friday CrowdStrike Update Persists

Historic IT outage expected to spur regulatory scrutiny, soul-searching over "monoculture" of IT infrastructure — and cyberattack threats.


Echoes of the July 19 CrowdStrike glitch are likely to reverberate across the industry for years to come. For now, IT teams remain focused on slogging through a labor-intensive recovery.

But recovery is just the beginning. What's sure to follow is a barrage of regulatory oversight, hard feelings among the IT community, and a tough reminder that even a small slip-up in a software update can have catastrophic global consequences.

Cyber adversaries have also started to circle, eyeing an opportunity.

Windows in Recovery Mode

The faulty sensor configuration update to the Falcon Platform was released on July 19 at 4:09 UTC, according to CrowdStrike. Once the CrowdStrike update was pushed out, it triggered widespread Microsoft outages across CrowdStrike's 29,000 customers who rely on the company's software for cybersecurity endpoint detection and response (EDR). CrowdStrike's customers include retailers Target and Amazon, tech giants Alphabet and Intel, as well as many other household company names. When they tried to log on Friday morning, employees at some of the world's largest organizations were left staring at the dreaded blue screen of death. Airports, banks, hospitals, governments: few sectors were spared the fallout, which paralyzed the world's economy and caused panic.


It wasn't a cyberattack, CrowdStrike assured the world, just a glitch. But that was little comfort to IT teams who faced Friday with the task of manually booting affected PCs into recovery mode, deleting the bad file, and restarting. That process is still underway in many organizations.

"This is not something that can be done remotely, and in many organizations, will require an administrator," said Tom Marsland, vice president of technology for Cloud Range, in a statement. "This means someone from IT support going computer to computer and doing this manually."

Marsland predicted the recovery will take days, even a week or more, for some larger companies.

"Recovery is going to be painful, to put it lightly," Marsland added.

Continue reading this article on Dark Reading.


About the Authors

Becky Bracken

Editor, Dark Reading

Experienced journalist, writer, editor and media professional.

https://www.darkreading.com/

Dark Reading

Long one of the most widely read cyber security news sites on the Web, Dark Reading, a sister site to ITPro Today, is now the most trusted online community for security professionals like you. Dark Reading's community members include thought-leading security researchers, CISOs, and technology specialists, along with thousands of other security professionals.
