
Investigations and possible penalties on CrowdStrike due to the egregious malfunction

Writer:
Regina El Ahmadieh

 

On July 19, 2024, the world was shocked by the news of widespread flight cancellations at airports in countries like Spain, the Netherlands, England, and the United States. Additionally, the operations of banks, news agencies, and even hospitals were severely disrupted.

So, what happened?

Airports, banks, and media agencies rely on servers running the Windows operating system. To protect these critical servers from hacking, companies typically invest in protection software. For an individual user to protect their device from hacks or viruses, they would need to download and install antivirus software. But what if we’re talking about a large company with nearly forty thousand employees? In such cases, standard antivirus software is not sufficient. These companies must turn to software specialists who can provide solutions that support various operating systems and are easy to download, manage, and monitor. This is where companies like CrowdStrike come in, specializing in protecting organizations through their advanced cybersecurity software. One of their most well-known products is Falcon, a security program installed on servers and employee devices to safeguard against hacking using advanced technologies.

Returning to the incident at the airports, initial reports suggested that the hack occurred due to a security flaw in CrowdStrike’s systems, leading to a DDoS attack on their servers. However, this was denied by multiple sources, including George Kurtz, the CEO of CrowdStrike. He clarified that the issue was caused by a faulty update, which resulted in the infamous Blue Screen of Death appearing on devices, as shown in images attached to the initial reports. Additionally, servers entered an endless restart loop, rendering them unusable. This malfunction caused millions of devices worldwide to go offline, including systems at airports, banks, ATMs, news agencies, hospitals, and other corporate infrastructures.

It is important to note that the problem only affected devices running the Windows operating system. Servers and devices operating on Linux and Mac systems were unaffected. CrowdStrike has since released a patch to address the issue and published the update for the servers impacted by the technical glitch. However, thousands of companies have already uninstalled CrowdStrike’s protection programs, leaving their servers unprotected and vulnerable to hacking. As a result, Microsoft’s market value plummeted by $60 billion due to this technical failure, as reported by CNBC Arabic.

What caused this malfunction that paralyzed several critical services?

It was a human error: one of the CrowdStrike employees mistakenly downloaded an incorrect update onto the devices, which led to the malfunction affecting various systems.

Roland Abi Najm, an Information Security Advisor, emphasized on several media platforms that such mistakes are inevitable, as there is no absolute protection or safety in cybersecurity. He also noted that the integration of artificial intelligence into cybersecurity has complicated the situation further. “We have to get used to such challenges,” he stated.

According to Cyberax sources, investigations into this hack are ongoing, and both CrowdStrike and Microsoft may be required to compensate those affected, particularly since the error originated from within the company.

As for potential solutions, diversifying service providers could be the most effective approach. This would ensure that not all companies and institutions are dependent on a single cybersecurity firm and are not subjected to the same risks in situations like the one that occurred with CrowdStrike.

 
