Crowdstrike outage: Nearly all Windows devices back online

26 Jul 2024


A report this week found that one in four Fortune 500 companies were impacted by the outage – which cost them an estimated $5.4bn.

Nearly a week after a software update caused arguably the worst IT outage in history, Crowdstrike CEO George Kurtz says nearly all affected Windows devices are back online.

In a post on LinkedIn yesterday (25 July), Kurtz said that more than 97pc of Windows sensors are back online but that the US cybersecurity company’s “work is not yet complete”.

“I am deeply sorry for the disruption this outage has caused and personally apologise to everyone impacted. While I can’t promise perfection, I can promise a response that is focused, effective and with a sense of urgency,” he wrote.

“Our recovery efforts have been enhanced thanks to the development of automatic recovery techniques and by mobilising all our resources to support our customers. We published a preliminary incident report detailing how this happened and the measures we’re taking to prevent such incidents in the future.”

The outage, which occurred on 19 July, quickly grew into a global crisis, with various sectors – most notably airlines, banks and healthcare – being severely disrupted as Microsoft computer systems shut down.

It was quickly linked to a flawed cybersecurity update from Crowdstrike, and by the afternoon the company had issued a fix and assured users that it was not a cyberattack.

In a post-incident review, Crowdstrike said the crash happened due to a bug in its system, which allowed “problematic content data” to pass validation.

“Based on the testing performed before the initial deployment … trust in the checks performed in the content validator, and previous successful IPC template instance deployments, these instances were deployed into production,” the report read.

“When received by the sensor and loaded into the content interpreter, problematic content in Channel File 291 resulted in an out-of-bounds memory read triggering an exception. This unexpected exception could not be gracefully handled, resulting in a Windows operating system crash.”

A report published this week found that one in four Fortune 500 companies were impacted by the outage – which cost them an estimated $5.4bn (excluding Microsoft, which is more directly interconnected with CrowdStrike).

According to the Parametrix report, the largest direct financial loss will be suffered by Fortune 500 companies in the healthcare sector followed by banking. Together, they will likely take more than half the loss despite accounting for only a fifth of Fortune 500 revenues.

“Crowdstrike is committed to building on our mission to stop breaches, with a renewed focus on customer controls and resilience,” Kurtz added. “Customer obsession has always been our guiding principle, and this experience has only strengthened our resolve.”


Vish Gain was a journalist with Silicon Republic
