When your cybersecurity company, designed to guard against malicious malware, causes the biggest global IT outage in history, there is not any escape. So Shawn Henry got straight to the purpose.
“We disappointed you on Friday and I am deeply sorry for that,” began the post from CrowdStrike’s security chief.
An update pushed out from the cloud just hours before the top of the work week caused Windows-based computer systems to crash, boot up and crash again. Endless loop only interrupted by the so-called BSOD or “Blue Screen of Death”.
Major industries world wide that use Crowdstrike’s Falcon software — resembling aviation, banking and healthcare — were shut down for hours and even days. Delta Airlines remains to be reeling, canceling a whole lot of flights on Monday and stranding passengers for days.
This CrowdStrike outage is a nightmare. Imagine having to go to every of the failed systems and fix it manually. With FDE, it’s even worse.
I even have flashbacks of Nimda and the reboot loop, but that is worse. pic.twitter.com/qY5apjMBaU
— Tim Medin 🇺🇦🌻 (@TimMedin) July 19, 2024
“The trust we had built up over the years was lost in a matter of hours and that was a gut punch,” Henry continued. “We let down the very people we were trying to protect and to say we are devastated would be a massive understatement.”
The real remorse expressed was markedly different from the message of CEO and founder George Kurtz, whose stock price has already lost a couple of quarter of its value as investors await news of possible lawsuits.
Kurtz’s initial statement on Friday seemed so whitewashed that customers may very well be forgiven for pondering the issue might lie elsewhere. Since there was no direct admission of fault from CrowdStrike, there was not even a transient word of apology.
not even an apology? Bold strategy.
— Tom Warren (@tomwarren) July 19, 2024
His response was quite surprising. In theory, Kurtz must have some experience in crisis communications, as he was serving as chief technology officer on the time McAfee also went down. Millions of computers worldwide in 2010.
Now leading representatives of the US House of Representatives are calling on Kurtz to testify before Congress and explain the fiasco surrounding the software update.
Companies providing critical services were most affected
For some customers, the words of their CSO come too little and too late.
“We just removed Crowdstrike from all of our systems,” Elon Musk posted on Friday, although he didn’t make clear whether he was referring to at least one or all of his firms.
We just deleted Crowdstrike from all our systems, so there are not any rollouts in any respect
– Elon Musk (@elonmusk) July 19, 2024
In terms of lost economic output, it’s hard to place a precise figure on the havoc its software company has wreaked on the world. Microsoft estimated that at the top of the day, only 8.5 million Windows devices, or lower than 1% of all machines, were affected. The problem was the concentration of industries that relied on CrowdStrike’s Falcon software.
“Although the percentage was small, the far-reaching economic and societal impact reflects the use of CrowdStrike by companies that operate many critical services,” Microsoft said on Saturday.
Investors have since flocked to smaller rival SentinelOne, whose shares have risen greater than 20% since Friday. The CrowdStrike debacle may have contributed to cybersecurity firm Wiz now rejecting a rumored deal to be acquired by Google parent Alphabet in a deal reportedly valued at $23 billion.
When Deutsche Bank analysts noticed the decline in Crowdstrike, they tried to rush out a broker note calling it a short-term buying opportunity for such a high-quality stock.
“However,” it continued, “ironically, due to the outage, we were unable to publish our original research note.”
CEO Daily provides a very powerful context to the news that leaders across the business world have to know. Every weekday morning, greater than 125,000 readers trust CEO Daily for insights into the C-suite and its surroundings. Subscribe now.
