CrowdStrike Security Incident

CrowdStrike Outage Timeline, Analysis, & Impact July 24, 2024 Tags: Bitsight Research Share: Facebook Twitter LinkedIn Written by Pedro Umbelino Principal Research Scientist The CrowdStrike Outage Timeline As we are all very aware, being a technical person or layman, the recent CrowdStrike outage caused disruptions on a myriad of systems worldwide, affecting multiple industry sectors and millions of people in some way, shape, or format. On July 19, 2024, as a result of a faulty update to CrowdStrike Falcon sensor configuration for Windows systems, intended to enhance security by targeting newly observed malicious activities, there was an inadvertent logic error that led to widespread system crashes and blue screens of death (BSOD) on affected machines. Bitsight estimates that this chain of events immediately impacted and led to a significant drop in the number of systems and organizations that connected to CrowdStrike Falcon serversbetween 15% and 20%. Throughout this article, we will dive into our observations around the fatidical date and the strange patterns we observed just days before the big outage happened. According to CrowdStrike and other sources, the timeline of events was as follows: July 19, 2024, 04:09 UTC : CrowdStrike released a sensor configuration update, Channel File 291, to Windows systems as part of their ongoing operations. This update triggered a logic error that caused system crashes on impacted machines. July 19, 2024, 05:27 UTC : CrowdStrike identified the issue and reverted the changes, but by then, many systems had already been affected. The update impacted Windows 10 and later versions, but did not affect Mac and Linux systems, which also happen to have an inherently different kernel architecture. Immediate Impact : The faulty update caused significant disruptions globally. Approximately 8.5 million devices were affected , leading to outages in various sectors, including airlines, healthcare, and financial institutions. Notably,...

... (truncated for display)