Global Cyber Outage: What is CrowdStrike? How is it linked to the global Microsoft outage?

On Thursday evening, a significant global cyber outage began, causing a massive disruption to Microsoft Windows users around the world. This event impacted users in countries including India, Australia, Germany, the United States, and the UK, with affected systems displaying the dreaded Blue Screen of Death (BSOD).

This malfunction led to automatic system restarts or shutdowns, severely hampering productivity and operations across various sectors. The root cause, as identified by companies like Dell Technologies, was linked to a recent update from the cybersecurity firm CrowdStrike.

The outage had far-reaching consequences, particularly for essential systems used by several airlines. In the US, carriers such as American Airlines, Frontier Airlines, Allegiant, and Sun Country experienced operational disruptions. Similarly, in India, IndiGo and other airlines were affected. Beyond the aviation industry, the outage also disrupted banks, supermarkets, media outlets, and other businesses who are extensively reliant on Microsoft's cloud services.

What is CrowdStrike?

CrowdStrike is a leading cybersecurity company known for its advanced security solutions designed to protect against data breaches, ransomware, and cyber attacks. Founded in 2012 by former McAfee employee George Kurtz, CrowdStrike has become a critical player in the cybersecurity landscape, serving a diverse clientele that includes global investment banks, universities, and major corporations.
At the heart of CrowdStrike's offerings is the Falcon platform. This comprehensive cybersecurity solution uses a single sensor and a unified threat interface to provide real-time indicators of attacks, hyper-accurate detection, and automated protection. The platform is designed to correlate attacks across endpoints, workloads, and identities, effectively stopping identity-driven breaches in real time.

The recent issues stemmed from an update to CrowdStrike’s Falcon sensor. This update reportedly caused the sensor to malfunction, leading to conflicts with Windows systems and resulting in the widespread blue screen errors. CrowdStrike acknowledged the error and has since been actively working on a resolution. The company assured users that there was no need to open a support ticket and promised to provide updates as they become available.

CrowdStrike, Sony, and North Korea

CrowdStrike is no stranger to the spotlight, having been involved in several high-profile cyber investigations. One notable case is the 2014 Sony Pictures hack, where a group called the Guardians of Peace, believed to be affiliated with North Korea, hacked into Sony Pictures Entertainment.
GoP stole vast amounts of information and threatened acts of terrorism against movie theatres unless Sony cancelled the release of "The Interview," a comedy about the assassination of North Korean leader Kim Jong Un. In this investigation, CrowdStrike discovered evidence that seemed to definitively connect North Korean players to the Sony hacking.

The “Blue Screen of Death” explained

The Blue Screen of Death (BSOD) is a critical error screen displayed on Windows operating systems when a severe system issue occurs, preventing safe operation. This error forces the computer to restart unexpectedly, often resulting in data loss. In the recent incident, the BSOD error message indicated that the PC ran into a problem and needed to restart, leaving users frustrated and businesses scrambling for solutions.

While Microsoft has confirmed that the Azure outage has been resolved, the incident has brought a spotlight to the potential risks associated with heavy reliance on cloud services. Meanwhile, CrowdStrike has offered solutions on its members-only platform and continues to address the fallout from the outage.