CrowdStrike, the cybersecurity firm responsible for last week’s widespread IT outage, has identified a flaw in its quality control process as the cause of the disruption. In an update on their investigation into the incident, which continues to have repercussions, CrowdStrike stated that a code error had passed through their safety protocols, resulting in crashes on computers running Microsoft’s Windows operating system.
The company’s Falcon Sensor platform, designed to protect systems from malicious software and hackers, was found to have a bug in its Content Validator. This allowed one of the two Template Instances to pass validation despite containing problematic content data. CrowdStrike did not disclose the nature of the data or why it was considered problematic. A Template Instance is a set of instructions that guides the software on detecting threats and responding to them.
Following the incident, CrowdStrike has implemented a new check in their system to prevent a similar issue from occurring in the future. The full extent of the economic damage caused by the IT outage is still being assessed and may never be fully determined. According to a report by insurer Parametrix, the direct financial loss for US Fortune 500 companies, excluding Microsoft, is estimated to be $5.4 billion, as reported by Reuters.
The effects of the disruption are still being felt by companies and organizations worldwide. In the aviation industry, global airlines such as Delta are struggling to fully restore their systems, leading to additional cancellations and delays. In Malaysia, authorities have publicly called for both CrowdStrike and Microsoft to cover losses incurred by the country. In the UK, the majority of systems have been restored, but some Windows operators without IT teams are facing delays in removing the rogue code manually. The National Health Service (NHS) has also warned of potential repercussions due to thousands of lost appointments.
As a result of the incident, CrowdStrike CEO George Kurtz has been called to testify before the US House of Representatives’ homeland security committee. The company continues to work towards resolving the issue and preventing future disruptions.
