A faulty content update to the CrowdStrike Falcon® platform, from the cybersecurity company CrowdStrike, caused system crashes on Windows hosts. This event affected critical infrastructure worldwide, including airlines, banks, and hospitals. According to CrowdStrike’s blog, the “sensor configuration update that caused the system crash was remediated” within an hour and a half; however, implementing the fix has been more complicated and time-consuming. CrowdStrike created a Remediation and Guidance Hub to guide and inform customers. The Cybersecurity and Infrastructure Security Agency (CISA) has released an ongoing alert updating the public on this event and on the opening it may give cyber threat actors for phishing attempts and other malicious activity.
Date of event: July 19, 2024
Impact:
- Outage affected about 8.5 million Windows devices (Microsoft)
- Thousands of flights canceled worldwide (The Independent)
- At least 12 major American health facilities affected by outage (ABC News)
Related Resources:
HSDL Featured Topics: Infrastructure Protection | Cyber Threat Actors | Cyber Policy
HSDL Search: Incident Response | Software Security | Cloud Computing