CrowdStrike continues to manage the fallout from its IT outage July 19 as it works on remediation plans with the banks, airlines and stock exchanges that were brought to a halt by the tech meltdown.  

The cybersecurity firm last Friday released a patch, or a software update that addresses security vulnerabilities, on its Falcon cybersecurity platform that affected nearly 8.5 million Microsoft Windows devices, according to a July 20 release from Microsoft. 

“As our technical systems become more interconnected, it’s almost certain mass outages will increase in frequency,” Kyle Hanslovan, former National Security Administration hacker and chief executive of cybersecurity company Huntress, told Bank Automation News. “I highly encourage all industries to prepare and exercise plans to operate when key technology solutions become unavailable without notice.” 

Unintended consequences

Today, nearly all companies are predominantly digital and face consumer pressure to provide innovative and high-quality experiences, Bob Wambach, vice president of product strategy at AI-driven software company Dynatrace, told BAN.  

With customer experience and time-to-market in mind, companies are forced to move quickly through the innovation process, which comes with added risk, he said. 

“When you change things, you want to have a really good idea of ‘Is it doing what I intended it to do?’” he said. “If there is any unintended consequence of [a change], I want to know immediately.” 

CrowdStrike should have tested the Falcon update ahead of its rollout in a sandbox and other environments before the launch, Peter Avery, vice president of security and compliance at cybersecurity company Visual Edge IT, told BAN.  

“The only thing that you can do is test by rolling out the patches to a smaller subset of machines to see how they are affected,” Avery said. “I would also suggest not just doing a point-in-time test but also allow the systems to be used for at least 72 hours with multiple reboots before determining the patch is safe.” 

Incident response

Dynatrace’s Wambach said that in the case of an outage, companies must determine how to quickly: 

• Isolate the problem; 

• Communicate the issue with clients; and 

• Remediate and restore services. 

“The smartest move is always to be transparent about what happened, why it happened [and] what you’re doing about it,” Wambach said.  

CrowdStrike CEO George Kurtz took to X, formerly Twitter, on Friday to share updates regarding the outage, including an apology and a plan for the fix. 

Today was not a security or cyber incident. Our customers remain fully protected.

We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption. We are working with all impacted customers to ensure that systems are back up and they can…

— George Kurtz (@George_Kurtz) July 19, 2024

During the weekend following the outage, which affected Bank of America, JPMorgan, TD Bank and Visa, Microsoft launched a tool to help affected customers repair and recover from the CrowdStrike outage, according to Microsoft. 

Shares of CrowdStrike Holdings (CRWD) were down 12% to $267.08 at 11:39 a.m. ET today. Shares have fallen 22% since Friday. CrowdStrike has a market capitalization of $64.9 billion. 

[stock_market_widget type=”inline” template=”generic” assets=”CRWD” markup=”{name} ({symbol}) is trading at {price} ({change_pct}) as of {last_update}” realtime=”true” api=”yahoo-finance”].

Early-bird registration is now available for the inaugural Bank Automation Summit Europe in Frankfurt, Germany, on Oct. 7-8! Discover the latest advancements in AI and automation in banking. Register here and apply to speak here.