On Friday, July 19, 2024, computers across the world got the “blue screen of death,” preventing many businesses from carrying out their usual operations. This signaled the beginning of the CrowdStrike outage. As you might imagine, social media platforms erupted in a flurry of posts.
Early on, posts on social media incorrectly blamed Microsoft for the issue. Others were elated that computers were down, sharing their excitement about the possibility of “getting a long weekend.” Speculation swirled around these posts that a major cyberattack was causing the global disruption, while other, more technically savvy people shared their ideas in an attempt to help quell the issue.
But what actually happened? And what can we take away from this unfortunate outage?
What Caused the Global CrowdStrike Outage?
What was meant to be a simple task turned into something much, much larger. CrowdStrike, a cybersecurity company based in Austin, Texas, sent out a routine Falcon content update to its users, causing approximately 8.5 million Windows devices to crash, sometimes repeatedly.
CrowdStrike continues to focus on restoring all systems as soon as possible. Of the approximately 8.5 million Windows devices that were impacted, a significant number are back online and operational.
Together with customers, we tested a new technique to accelerate impacted…
— CrowdStrike (@CrowdStrike) July 21, 2024
George Kurtz, CrowdStrike President and CEO, quickly shared that the update contained a software bug that disrupted major business sectors across the world.
CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We…
— George Kurtz (@George_Kurtz) July 19, 2024
This massive outage caused flights to be delayed or canceled. Banks were unable to help customers access their money. Grocery stores were forced to only accept cash. Alaska State Troopers were among the law enforcement agencies to report issues, warning people that 911 was temporarily not working. Even McDonald’s and Starbucks closed some of their locations due to the unexpected disruption of their systems.
To say that people were eager for answers about the largest global software outage to date is an understatement. Fortunately, answers came quickly.
Despite the end-user issues, CrowdStrike continued to maintain normal operations, ensuring customers were protected while they worked quickly to resolve the problem.
All of CrowdStrike continues to work closely with impacted customers and partners to ensure that all systems are restored.
I’m sharing the letter I sent to CrowdStrike’s customers and partners. As this incident is resolved, you have my commitment to provide full transparency on…
— George Kurtz (@George_Kurtz) July 19, 2024
Bad actors like to take advantage of newsworthy events like this, and CrowdStrike addressed this concern in its letter to customers and partners.
Lessons Learned from CrowdStrike Outage
1. Small Errors Can Have a Large Impact
In today’s digitally connected world, a small error or bad decision can cause costly downtime. In this example, CrowdStrike’s outage was due to an error in an update that impacted customers worldwide. This incident truly highlights the importance of having the right strategies in place to minimize business disruption.
What will happen to your business if your technology suddenly fails? Do you have the processes and expertise in place to quickly recover?
2. Be Transparent with Stakeholders When Issues Arise
CrowdStrike did a good job communicating with the public after the outage happened. This is an important step, but many business leaders are afraid to admit their mistakes for fear it’ll damage their reputation. However, withholding details is one of the worst things you can do in a crisis.
Communicating the problem – and how you intend to fix it – will help you restore your stakeholders’ trust in your organization.
Here’s what we think CrowdStrike did well:
- They transparently shared what happened with customers, partners, and the public.
- They quickly apologized for the disruption.
- They provided regular updates to help those impacted restore their systems.
- They cautioned about potential cyber threats that might arise due to the event.
Any experienced communications specialist will tell you that your business needs to have a crisis communication plan before a crisis happens – whether you’re operating with 10 employees or 5,000.
Communications specialist Cayden Crowise recommends that, at a minimum, you:
- Develop a series of scenarios that reflect the types of crises your organization might face.
- Assess the likelihood of each scenario occurring and prioritize them from most to least severe.
- Pay close attention to the worst cases and review current policies and strategies that may be impacted.
- Identify someone to speak to the public during a crisis, and another to keep internal stakeholders informed.
- Train them to coordinate together so the organization is speaking with one “corporate voice.”
- Implement policies and/or strategies to minimize the impact of a crisis.
- Regularly review the plan, at least annually.
3. You Can't Assume a Cyber Attack Caused an Outage
We unfortunately live in a world where it’s normal for cybercriminals to wreak havoc on businesses. However, during an outage, it’s crucial not to jump to conclusions before gathering all the facts. While vigilance and preparedness against cyber threats are essential, being overly suspicious can also be counterproductive.
That said, business leaders should pay close attention to how people reacted to the recent outage. The widespread concern about a potential cyberattack showcases the security expectations of current (or future) customers. They expect companies to have comprehensive cybersecurity measures in place to protect their data.
If you don’t have a strategy yet, check out the foundational strategy our cybersecurity team created for small businesses.
4. Have a Backup Plan for Unexpected Disruptions
If you don’t have one already, your business needs a continuity plan. According to PwC’s 2023 Global Crisis and Resilience Survey, 96% of 1,812 business leaders said their organizations had experienced disruption in the past two years. What’s even more alarming is that 76% said their most serious disruption had a medium to high impact on operations.
Having a business continuity plan will ensure that your business can continue operating during and after a crisis. The CrowdStrike outage showed us that many enterprise businesses had to unexpectedly halt their operations because their computers were down. Ensure you’re making your organization resilient to unexpected disruptions.
Here are seven ways to start your business continuity plan from the U.S. Small Business Administration:
- Determine your greatest risk potential.
- Establish your power needs.
- Create a communications plan.
- Prepare your supply chain.
- Make sure you have enough insurance to recover.
- Protect your critical data in the cloud.
- Test the plan.