CrowdStrike, a cybersecurity firm headquartered in Austin, Texas, is linked to the Microsoft outage affecting airlines, banks and other businesses worldwide on Friday.
The company provides antivirus software to Microsoft for its Windows devices, and many industries globally — from banking to retail to health care — use the company’s software to protect against breaches and hackers.
The outages Friday were connected to “a defect found in a single content update for Windows hosts,” CrowdStrike CEO George Kurtz said in a statement. The issue was “not a security incident or cyberattack,” he said, and Mac and Linux hosts were not affected.
“It’s wild that one security update can have such a ripple effect, but it shows how interconnected and fragile a lot of the technology infrastructure that’s used around the world is,” Adam Satariano, a technology correspondent for The New York Times, said Friday on “CBS Mornings.”
CNBC’s Jim Cramer noted in an interview with CrowdStrike’s Kurtz on Friday that the company has a “stellar reputation.” Founded in 2011, it operates in over 170 countries, has about 29,000 customers and reported more than $900 million in revenue for the quarter that ended in April, according to Reuters.
CrowdStrike not only provides security software to industries, but also investigates hacks and tracks hackers. It describes itself as “a leader in protecting customers around the world from cyber threats” and said “it is common for organizations to hire third-party industry experts, like CrowdStrike, to investigate and remediate cyber attacks when they suspect a breach even if they are collaborating with law enforcement.”
The firm investigated the Russian hack on Democratic National Committee computers in 2016, and says it has also tracked North Korean hackers for years.
When CBS News called CrowdStrike’s technical support line Friday, a pre-recorded message said the company was aware of reports of crashes on Microsoft systems related to its Falcon Sensor software. Falcon is a CrowdStrike product that works to stop breaches through “cloud-delivered technologies that prevent all types of attacks,” according to the company.
Kurtz said Friday a fix has been deployed for the issue. And in an interview with CNBC’s Cramer, he apologized to every organization, person and group it has impacted.
“This was not a code update,” Kurtz said. “This was actually an update of content. And what that means is there’s a single file that drives some additional logic on how we look for bad actors, and this logic was pushed out and caused an issue only in the Microsoft environment specific to this bug that we had.”
“We identified this very quickly and rolled back this particular content file,” he said.
He said many systems can be rebooted “and the problem goes away and is fixed,” while other systems will take more time to recover — “hours” or “a little bit longer.”
“We’re working individually with each and every customer to make sure that we can get them up and running and operational,” Kurtz said.
The company’s shares were down 12.6% in premarket trading.
#CrowdStrike #cybersecurity #company #global #Microsoft #outages