A widespread IT outage is currently impacting computer systems globally, including banks, media organizations, hospitals, transport services, shop checkouts, and airports in Australia and New Zealand. This unprecedented outage has been caused by a software called CrowdStrike Falcon, which is used by organizations to protect their computers from cyber attacks and malware.
CrowdStrike is a US cyber security company that specializes in endpoint detection and response (EDR) software. Falcon, one of its products, monitors computers for any suspicious activity and helps to mitigate threats. However, due to its privileged access and tight integration with the core software of the computers it runs on, Falcon can cause serious problems when it malfunctions.
In this case, an update to Falcon caused Windows 10 computers to crash and fail to reboot, resulting in the infamous “blue screen of death” (BSOD). Falcon’s widespread usage in major organizations, such as hospitals, media companies, universities, and supermarkets, has contributed to the global impact of this outage.
Home PCs are less affected because CrowdStrike’s products are primarily tailored for large organizations that require network monitoring and timely response to intrusions. Home users typically rely on built-in antivirus software or popular security products offered by companies like Norton and McAfee.
While CrowdStrike has provided manual instructions for fixing the issue on individual affected computers, there is currently no automatic fix available. IT teams may need to wipe affected computers and restore them from backups or revert to an earlier version of Falcon. It may take some time for organizations to fully resolve the problem.
This incident highlights the irony of relying on advanced security technology like EDR while also serving as a reminder for companies like CrowdStrike to exercise caution when deploying automatic updates to their products.