What is CrowdStrike, the cybersecurity company behind the global Microsoft outages?

How the CrowdStrike glitch crippled operations across the globe

CrowdStrike, a cybersecurity firm headquartered in Austin, Texas, is linked to the Microsoft outage affecting airlines, banks and other businesses worldwide on Friday.

The company provides antivirus software to Microsoft for its Windows devices, and many industries globally — from banking to retail to health care — use the company's software to protect against breaches and hackers.

The outages Friday, which caused the return of what is informally known as the "blue screen of death," were connected to "a defect found in a single content update for Windows hosts," CrowdStrike CEO George Kurtz said in a statement. The issue was "not a security incident or cyberattack," he said, and Mac and Linux hosts were not affected. Kurtz said the company was already implementing a fix.

In an update shared Friday afternoon on social media, Kurtz said it was working to restore all systems and apologized to those impacted. He added that he was committed "to provide full transparency on how this occurred and the steps we're taking to prevent anything like this from happening again."

CrowdStrike also issued a warning Friday saying it was monitoring malicious activity trying to exploit the outage "as a lure theme." The company said threat actors were sending phishing emails "posing as CrowdStrike support to customers," impersonating staff in phone calls and posing as experts "claiming to have evidence the technical issue is linked to a cyberattack and offering remediation insights."

"CrowdStrike Intelligence recommends that organizations ensure they are communicating with CrowdStrike representatives through official channels and they adhere to technical guidance the CrowdStrike support teams have provided," the company said in a statement.

"It's wild that one security update can have such a ripple effect, but it shows how interconnected and fragile a lot of the technology infrastructure that's used around the world is," Adam Satariano, a technology correspondent for The New York Times, said Friday on "CBS Mornings."

CNBC's Jim Cramer noted in an interview Friday with CrowdStrike's Kurtz the company has a "stellar reputation." Founded in 2011, it operates in over 170 countries, has about 29,000 customers and reported more than $900 million in revenue for the quarter that ended in April, according to Reuters.

CrowdStrike not only provides security software to industries, but also investigates hacks and tracks hackers. It describes itself as "a leader in protecting customers around the world from cyber threats" and said "it is common for organizations to hire third-party industry experts, like CrowdStrike, to investigate and remediate cyber attacks when they suspect a breach even if they are collaborating with law enforcement."

The firm investigated the Russian hack on Democratic National Committee computers in 2016, and says it has also tracked North Korean hackers for years. 

What caused the Microsoft outage?

When CBS News called CrowdStrike's technical support line Friday, a pre-recorded message said the company was aware of reports of crashes on Microsoft systems related to its Falcon Sensor software. Falcon is a CrowdStrike product that works to stop breaches through "cloud-delivered technologies that prevent all types of attacks," according to the company.

Kurtz said Friday a fix has been deployed for the issue. And in an interview with CNBC's Cramer, he apologized to every organization, person and group it has impacted.

"This was not a code update," Kurtz said. "This was actually an update of content. And what that means is there's a single file that drives some additional logic on how we look for bad actors, and this logic was pushed out and caused an issue only in the Microsoft environment specific to this bug that we had."

"We identified this very quickly and rolled back this particular content file," he said. 

He said many systems can be rebooted "and the problem goes away and is fixed," while other systems will take more time to recover — "hours" or "a little bit longer."

"We're working individually with each and every customer to make sure that we can get them up and running and operational," Kurtz said.

CrowdStrike stock

The global fallout from the outage dented CrowdStrike's stock price, which fell $42.22, or more than 12%, to just over $300 in afternoon trading. 

But the setback is more likely to hurt the security firm's reputation than take a major financial toll on CrowdStrike, which is valued at more than $73 billion.

"CrowdStrike has a strong brand and global marketing presence, which will need to go into next gear over the coming weeks and months to curtail some damage from this," equity analyst Dan Ives of Wedbush told investors in a research note.

Alain Sherter contributed to this report.

Read more
f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.