HAP's Latest News

What Happened with CrowdStrike?

Key lessons from last week’s global tech failure

July 25, 2024

The cybersecurity vendor CrowdStrike has identified the quality-control issue that upended health care and other sectors around the globe last week.

In a new post-event analysis, the company said a flawed software update led to the global disruption that canceled airline flights and affected operations at financial institutions and hospitals, among others.

Here’s what you need to know:

  • What happened: The crashes stemmed from a defect in the tool the company uses to ensure system updates do not have issues. The tool failed to identify a mistake that led to Windows crashes and the so-called “blue screen of death” for millions of users around the globe.
  • Core issue: Software vendors need to consistently update systems to better detect threats and create new defenses against bad actors. These updates must be implemented carefully so they do not create new glitches and bugs for active users.
  • Key lessons: For future updates, the company committed to a “staggered deployment strategy to a small subset of systems” before a staged rollout.
    • The company also plans to “strengthen error handling mechanisms in the Falcon sensor to ensure errors from problematic content are managed gracefully.”
    • CrowdStrike also committed to additional validation checks to prevent similar issues, including third-party validation.
  • The big takeaway: When mistakes happen, it’s important to build resiliency so individual errors don’t have global consequences.
  • Quotable: “By regularly updating, security products can quickly adapt to emerging threats, ensuring robust protection for users and their systems,” the company said in a statement.

Additional takeaways from the event are included in this HAP emergency management bulletin. The post-event analysis is available online.


