On July 19, cybersecurity leader CrowdStrike found itself at the centre of a crisis after a faulty software update caused a widespread IT outage, affecting millions of computers worldwide. The aftermath of this incident was evident at the Black Hat cybersecurity conference in Las Vegas, where CrowdStrike had a contributing presence. The company, known for its expertise in stopping cyber threats, faced the challenge of reassuring its customers and partners while dealing with the repercussions of the outage.
CrowdStrike's Response to the Crisis
In the weeks following the outage, CrowdStrike provided regular updates on its investigation into the issue. As part of its apology to affected partners, the company distributed $10 Uber Eats gift cards, though this gesture quickly backfired. Many recipients found their gift cards flagged as fraudulent due to high usage rates, exacerbating the company's already strained relationship with some partners.
Despite the challenges, CrowdStrike maintained a strong presence at the Black Hat conference, where it showcased its products and engaged with attendees. The company's booth, one of the largest at the event, drew attention, not just for the promotional items like T-shirts and action figures but also for the opportunity to discuss the incident with CrowdStrike representatives.
The response from cybersecurity professionals at Black Hat was mixed. Some attendees remained loyal to CrowdStrike, viewing the outage as an unfortunate but not defining moment for the company. A U.S. government employee who uses CrowdStrike regularly expressed confidence in the company's ability to maintain its position as a leading cybersecurity provider. Similarly, a security engineer noted that while his company was affected by the outage, CrowdStrike's prompt and effective remediation efforts helped restore normal operations within a day.
However, not all feedback was positive. Some attendees voiced concerns about the reliability of CrowdStrike's services following the incident. Seth Faeder, an engineer at ClearChoice Dental Implants Centers, noted that while his company wasn't directly impacted, he had to assist in restoring affected systems for his parent company, which uses CrowdStrike. This experience led him to suggest exploring alternatives like Sophos.
Another cybersecurity professional emphasised the importance of having backup plans in place, stating that while it might be difficult to move away from CrowdStrike entirely, the outage is an indicator of the risks involved in relying too heavily on a single provider.
CrowdStrike's Efforts to Rebuild Trust
Throughout the conference, CrowdStrike sought to reassure attendees of its commitment to resilience and customer support. The action figures distributed at the booth came with a message acknowledging the outage and emphasising the company's dedication to preventing similar incidents in the future. This message was also prominently displayed on screens throughout the conference venue, reinforcing CrowdStrike's focus on transparency and accountability.
Kevin Benacci, CrowdStrike's senior director of corporate communications, highlighted that the company's presence at Black Hat was not just about addressing the incident but also about expressing gratitude to the cybersecurity community for its continued support. Technical experts were on hand to discuss the incident in detail and provide insights into the company's response.
Despite the challenges posed by the outage, CrowdStrike's booth remained busy throughout the conference, suggesting that the company's reputation, while damaged, may not be beyond repair. The resilience and loyalty of some cybersecurity professionals indicate that CrowdStrike still holds a crucial place in the industry.
However, the incident has sparked a broader discussion about the reliability of cybersecurity tools and the need for contingency planning. As the industry reflects on the lessons learned from CrowdStrike's outage, the focus will likely shift to ensuring that even the most trusted systems are equipped to handle unforeseen challenges.
Although there is no evidence that the CrowdStrike outage was caused by malicious activity, some bad actors are attempting to take advantage.
Cyber agencies in the UK and Australia are warning people to be vigilant to fake emails, calls and websites that pretend to be official.
And CrowdStrike head George Kurtz encouraged users to make sure they were speaking to official representatives from the company before downloading fixes. “I want to sincerely apologize directly to all of you for today’s outage. All of CrowdStrike understands the gravity and impact of the situation. We quickly identified the issue and deployed a fix, allowing us to focus diligently on restoring customer systems as our highest priority.,” Kurtz said in a blogpost.
Anytime there is a major news event, particularly one involving technology, hackers respond by adjusting their existing methods to account for the anxiety and uncertainty.
We witnessed the same thing with the Covid-19 pandemic when hackers modified their phishing email campaigns to include viral information and even pretended to have an antidote to hack people and organizations.
Because the IT breakdown has become a global news issue, hackers are capitalising.
According to SecureWorks researchers, there has already been a significant increase in CrowdStrike-themed domain registrations, which involve hackers registering new websites that appear to be official and potentially trick IT managers or members of the public into downloading malicious software or handing over private information.
The advice is mostly for IT managers, who are being impacted while they work to restore their organizations' online operations.
Individuals may also be targeted, thus experts advise caution and to only act on information obtained through legitimate CrowdStrike channels.