A faulty update from cybersecurity firm CrowdStrike for Microsoft software on July 19 led to a massive IT outage worldwide that affected an estimated 8.5 million Windows devices. The software glitch in its Falcon platform led to the dreaded "blue screen of death" on affected computers and crippled industries such as airlines, healthcare and financial institutions.
What follows below are links to articles, videos and other resources produced by publications in the CyberRisk Alliance — SC Magazine, ChannelE2E, MSSP Alert and Security Weekly News — related to the outage.
CrowdStrike outage: News coverage
- CrowdStrike confirms faulty update is tied to massive global IT outage: ‘Fix has been deployed’ (July 19 - SC Magazine) Transport, broadcasters, and financial systems reportedly affected by Microsoft outage.
- Security pros brace for manual system-by-system fix to CrowdStrike outage (July 19 - SC Magazine) Security pros say it will take “days” to fix the recent CrowdStrike outage.
- What the CrowdStrike update outage means for cybersecurity (July 19 - SC Magazine) The incident highlights update management, supply chain and resilience challenges.
- CrowdStrike discloses new technical details behind outage (July 20 - SC Magazine) CrowdStrike on Saturday updated customers and the public on new technical details of its disastrous update to its Falcon cybersecurity platform.
- Security Update: MSPs, MSSPs Rally to Fix CrowdStrike IT Outage (July 20 - ChannelE2E) This week's MSP Security Update includes full coverage from across the CRA network of the CrowdStrike IT outage.
- 5 ways threat actors are taking advantage of the CrowdStrike outage (July 22 - SC Magazine) A wide range of phishing lures, some spreading dangerous malware, have popped up around the web.
- CompTIA Security VP Selk Talks MSP Response Amid CrowdStrike IT Outage (July 22 - ChannelE2E) CompTIA was out with guidance for MSPs and other partners when the CrowdStrike crisis hit.
- MSP Talks About the Importance of Empathy Amid CrowdStrike Crisis (July 22 - ChannelE2E) Progressive Computing CTO and cofounder Robert Cioffi is no stranger to dealing with a crisis. Three years ago his firm and his firm's customers were hit by the Kaseya ransomware incident -- a security event that sent shockwaves across the managed services ecosystem.
- Cyber Pros Spot Spike in Malicious Activity Over CrowdStrike Outage (July 23 - MSSP Alert) Bolster's CheckPhish site detected more than 40 phishing and phony lookalike domains created in the first 24 hours following the CrowdStrike incident.
- CrowdStrike Outage: Legal Experts Weigh in on Liability Implications (July 23 - ChannelE2E) The CrowdStrike incident will have far-reaching legal implications for the company, MSPs and MSSPs.
- Poll: CISOs stick with CrowdStrike, share lessons learned (July 24 - SC Magazine) The CyberRisk Collaborative convened a Rapid Action Meeting to allow members a forum to discuss the CrowdStrike flawed update incident, share information, and obtain advice from fellow members.
- CrowdStrike CEO says 97% of Windows systems back online (July 25 - SC Magazine) CrowdStrike CEO Kurtz says the majority of systems are back online and he is "deeply sorry" for those still impacted.
- Massive CrowdStrike outage caused by an out-of-bounds memory error (Aug. 7 - SC Magazine) CrowdStrike admitted in its root cause analysis that a lack of proper testing was part of the cause of the outage.
- Black Hat Keynote: CrowdStrike outage a global wakeup call (Aug. 7 - SC Magazine) Security questions raised by the CrowdStrike incident took center stage at the Black Hat USA 2024 keynote.
- CrowdStrike outage leads Microsoft to plan more ‘security capabilities outside of kernel’ (Sept. 13 - SC Magazine) Security providers and regulators attended the Windows Endpoint Security Ecosystem Summit earlier this week.
- CrowdStrike changes software update system after widespread outage (Sept. 24 - SC Magazine) CrowdStrike executive discussed the massive service outage at a congressional hearing Tuesday.
Commentary on CrowdStrike outage
- Seven tips that offer short-term and long-term fixes following the CrowdStrike outage (July 19 - SC Magazine) Here are seven tips that offer short-term and long-term fixes following the CrowdStrike outage.
- Fallout from the CrowdStrike outage: Time to regulate EDR software (July 22 - SC Magazine) While regulations are unpopular in the business community, we can’t afford any more days like last Friday when airlines, hospitals and many other critical businesses went down.
- CrowdStrike Aftermath: Three features telcos need from specialized EDR tools (July 25 - SC Magazine) As a follow-up to all the recent outages, here are three features telcos need from EDR tools.
- CrowdStrike outage demonstrates how industry may respond to a Cyber Pearl Harbor (July 25 - SC Magazine) "While there were significant outages, disruption and loss of business, and an overall lack of system resilience, I am very encouraged overall by how everyone responded."
- In the wake of the CrowdStrike outage, here’s a workable four-step patching strategy (Aug. 15 - SC Magazine) "While it's vital that all software gets patched to secure the organization from threats and comply with several security standards and regulatory requirements, it's extremely dangerous to rely on auto-updates to perform these tasks. We've all now seen the results of an auto-update gone bad."
Security Weekly News podcast on CrowdStrike outage
- Killer Robots, Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet and More – SWN #400 (July 23)
- More AI funding, Crowdstrike ripples continue, GPT yourself – ESW #371 (Aug. 8)
- Security Money: Crowdstrike Crashes the Index – BSW #360 (Aug. 12)
- The Fallout and Lessons Learned from the CrowdStrike Fiasco – Allie Mellen, Jeff Pollard – ASW #296 (Aug. 19)