CrowdStrike, a cybersecurity company based in Austin, Texas, is connected to Microsoft’s outage that affected airlines, banks, and businesses around the world on Friday.
The company supplies antivirus software to Microsoft for its Windows devices, and many industries around the world (from banking to retail to healthcare) use the company’s software to resist breaches and hackers.
Friday’s outages, which caused the return of what’s informally known as the “blue screen of death,” were similar to “a flaw discovered in a single content update for Windows hosts,” the director said in a statement. CrowdStrike executive George Kurtz. “a security incident or cyberattack,” he said, and Mac and Linux hosts were affected. Kurtz said the company is already implementing a solution.
In an update shared Friday afternoon on social media, Kurtz said he was rushing to repair all systems and apologized to those affected. He added that he committed “to being completely transparent about how this happened and the steps we are taking to prevent a scenario like this from happening again. “
CrowdStrike also issued a warning on Friday saying it was tracking malicious activity seeking to exploit the outage “as a decoy issue. “The company said the threat actors were sending phishing emails “posing as CrowdStrike to customers,” posing as employees in phone calls, and posing as experts “claiming to have evidence that the technical issue is similar to a cyberattack and providing information on corrective action. “
“CrowdStrike Intelligence recommends that organizations be sure to speak with CrowdStrike representatives through official channels and follow the technical guidance provided through CrowdStrike teams,” the company said in a statement.
“It’s crazy that a single security update can have such a ripple effect, but it’s how interconnected and fragile so much of the technological infrastructure used around the world is,” Adam Satariano, generation correspondent for The New York Times, said Friday. “.
CNBC’s Jim Cramer noted in an interview Friday with CrowdStrike’s Kurtz that the company has an “excellent reputation. “Founded in 2011, it operates in more than 170 countries, has about 29,000 consumers and reported profits of more than $900 million for the quarter ended in April. , according to Reuters.
CrowdStrike not only provides security software to industries but also investigates attacks and tracks hackers. The company describes itself as a “leader in protecting consumers around the world from cyber threats” and said, “It is not unusual for organizations to outsource. ” industry experts, such as CrowdStrike, to investigate and remediate cyberattacks when they suspect a breach, even if they engage with law enforcement. ”
The company investigated the Russian hacking of the Democratic National Committee’s computers in 2016 and says it has also been tracking North Korean hackers for years.
When CBS News called CrowdStrike’s technical line on Friday, a pre-recorded message said the company was aware of reports of outages in Microsoft systems similar to its Falcon Sensor software. Falcon is a CrowdStrike product that aims to prevent breaches through “cloud-delivered technologies. “that save you from all kinds of attacks,” according to the corporation.
Kurtz said Friday that a patch was implemented to fix the problem. And in an interview with CNBC’s Cramer, he apologized to each and every organization, person, and organization affected.
“It wasn’t a code update,” Kurtz said. “This was a content update. And that means there’s a single record that drives more logic about how we look for bad actors, and that logic was pushed back and caused a challenge only in the Microsoft environment because of this bug that we had. .
“We found out very temporarily and canceled that specific content file,” he said.
He said many systems can be rebooted “and the challenge goes away and is resolved,” while other systems will take longer, “hours” or “a little bit longer. “
“We work separately with the visitors to make sure we can get them up and running,” Kurtz said.
As a global consequence of the outage, CrowdStrike’s percentage value plummeted from $42. 22, or more than 12%, to just over $300 in afternoon trading.
But the setback is more most probably to hurt the safety firm’s repute than have a primary monetary have an effect on on CrowdStrike, valued at more than $73 billion.
“CrowdStrike has a strong logo and global marketing presence, which it will want to accelerate in the coming weeks and months to limit some of the damage,” Wedbush equity analyst Dan Ives told investors in a study note.
— Alain Sherter contributed to this report.