CrowdStrike to implement new checks to avoid another global IT outage

Cyber security group will improve testing and stagger updates to reduce risk of computers being hit all at once

CrowdStrike has vowed to implement new checks to avoid a repeat of the global IT outage that hit millions of computers last week, as the cyber security company outlined the initial findings of its investigation into what went wrong. Photograph: Michael Nagle/Bloomberg
CrowdStrike has vowed to implement new checks to avoid a repeat of the global IT outage that hit millions of computers last week, as the cyber security company outlined the initial findings of its investigation into what went wrong. Photograph: Michael Nagle/Bloomberg

CrowdStrike has vowed to implement new checks to avoid a repeat of the global IT outage that hit millions of computers last week, as the cyber security company outlined the initial findings of its investigation into what went wrong.

Texas-based CrowdStrike said on Wednesday that the measures would include improvements to its internal testing, as the group seeks to prevent the kind of widespread disruption that hit industries from airlines to retailers caused by its faulty software update.

Microsoft has estimated that about 8.5 million Windows devices, which amounted to less than 1 per cent of all Windows machines, were hit by the faulty update, which grounded planes, interrupted hospital appointments and took broadcasters off air around the world.

John McManus: Global outage should make us question the wisdom of AIOpens in new window ]

CrowdStrike said it also planned to implement “a staggered deployment strategy” for updates similar to the one that triggered last week’s outage. They would be “gradually deployed” to reduce the risk of large numbers of computers and servers being affected by an error at once, it said.

READ MORE

In the wake of the chaos, CrowdStrike’s chief executive George Kurtz was summoned by the US subcommittee on cyber security and infrastructure protection to explain the company’s role in what lawmakers said “some have claimed to be the largest IT outage in history”.

CrowdStrike, one of the world’s largest cyber security vendors, said it was “actively in contact with relevant congressional committees”.

The company last week blamed an update to its Falcon software for a bug that triggered a “blue screen of death” error on millions of computers.

On Wednesday, in a preliminary review of the incident, CrowdStrike said the “undetected error” in the software had been missed due to a “bug” in its “content validator”, which is supposed to check for problems.

That bug meant that the faulty update “passed validation despite containing problematic content data”, CrowdStrike said.

It took about 90 minutes for millions of machines to be affected by the faulty update, which began to be rolled out on Friday, before CrowdStrike discovered the problem and took action to prevent more computers being hit.

Ireland’s hospitality sector: ‘The customer feels they are not getting value for money’

Listen | 38:40

The incident has raised questions about the risks of the interconnected nature of global IT systems and the potential for an error to have outsized consequences.

CrowdStrike warned last week that “threat actors” were attempting to take advantage of the disruption to “distribute malicious files” targeting its customers.

The company published a list of internet domains that it said “impersonate CrowdStrike’s brand” and could be used by cyber criminals to trick unsuspecting customers by serving them “malicious content”. – Copyright The Financial Times Limited 2024