Date: 2024-07-19

The reputation of a Company that describes itself as one of the world’s best cyber security Companies is in tatters tonight, with the US business facing the potential of being sued by hundreds of businesses, including major retailers in Australia, and insurance Companies looking to claw back payouts for lost income, airline delays and customers affected by what is being described as the world’s biggest technology disaster.

At the heart of the problem is CrowdStrike Falcon software, which the US Company describes as award-winning, AI-powered cybersecurity that protects small and medium businesses (SMBs) from ransomware and data breaches.

The only problem for thousands of businesses including the NBN, Bendigo Bank, Foxtel, National Australia Bank, Australia Post, Suncorp, Xero, Commonwealth Bank, MYOB, ME Bank, Optus, Telstra, Amazon, Westpac, Google, ANZ and Microsoft in Australia is that the Company that was supposed to be protecting these networks was the organisation responsible for the loss of hundreds of millions if not billions in revenue by organisations who had invested in their software.

The drama unfolded mid-Friday when the Company issued a patch or system upgrade, which went wrong, bringing down hundreds of networks running Microsoft software. “Symptoms include experiencing a blue screen error related to the Falcon Sensor,” the Company said.

What’s not known is why the Company did not check the upgrade prior to downloading it to servers around the world.

The CrowdStrike update literally broke computers running Windows, causing them to crash.

TV Companies in Australia including Sky News, SBS, and the ABC were affected by the outage; many have not been able to broadcast the unfolding drama.

Organizations in Australia were among the first to report issues, with markets such as the USA and Europe still sleeping.

The outage appeared to primarily affect Windows devices and servers globally, with Microsoft issuing a service update via X revealing it was investigating an issue “impacting users’ ability to access various Microsoft 365 apps and services”.

“Our Engineering teams are actively working to resolve this issue and there is no need to open a support ticket,” the Company claimed to the hundreds of IT technicians who hit the Company’s support operation looking for a fix.

The major problem was that Windows is a major operating system across Australian businesses and CrowdStrike an incredibly popular cybersecurity company. Now questions are being asked about the maturity of their software, with the reputation of the Company now being questioned.

The problem appears to be “a faulty channel file”, which the Company is trying to fix.

Due to so many organisations having all their operations dependent on CrowdStrike’s Falcon system, the issue quickly cascaded, and by 4.30pm Eastern time in Australia the country was in a state of chaos, with airlines and banks down, retailers unable to trade, and TV and radio stations unable to broadcast.

As I write the issue is being described as a misconfiguration in cyber company CrowdStrike’s Falcon sensor software update.

This is heavily caveated because it’s all happened so quickly.

Apparently, the Company was carrying out a sensor update on their Falcon software which seems to have been misconfigured in such a way that it literally wrecked Windows.

Tech engineers across Australia quickly realised that if they were using CrowdStrike with Windows as their OS, they had a major problem.

CrowdStrike says its Falcon platform converges security and IT to protect all key areas of risk.

‘Easily deployed through a single, lightweight agent with no reboots, Companies can manage their security from a unified console.’

As for impact, Bunnings couldn’t process returns when its systems were shut down just after 3pm. The outage forced Microsoft devices to go blue and then try to reboot.

Outage website Downdetector reported hundreds of impacted Australian businesses.

Australia’s National Cyber Security Coordinator Michelle McGuinness said it appeared the outage was not the work of online criminals.

“I am aware of a large-scale technical outage affecting a number of companies and services across Australia,” she wrote on X on Friday afternoon.

“Our current information is this outage relates to a technical issue with a third-party software platform employed by affected companies.”

The company was founded by former McAfee employee George Kurtz in 2012. Its ownership structure is a mix of individual investors and institutions.

UPDATE: In a post on X, formerly Twitter, tonight George Kurtz, CEO of CrowdStrike, said the outage was caused by a “defect found in a single content update for Windows hosts.” He added that the global IT outage was “not a security incident or cyberattack”, and that “the issue has been identified, isolated and a fix has been deployed.”

Kurtz continued: “We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels.

“Our team is fully mobilized to ensure the security and stability of CrowdStrike customers.”