(KXAN/NEXSTAR) – CrowdStrike, a cybersecurity firm based in Texas, has said that a global technology outage affecting banks, hospitals and other industries was caused by a defect in one of its security updates.
“This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed,” the company said in a statement obtained by the Associated Press.
The outage, on Friday morning, caused widespread disruptions to computers running Microsoft Windows operating systems, The Verge reported. Specifically, the update took the computers offline, then caused them to be stuck in a “recovery boot loop” which prevented their systems from restarting right away, according to the outlet.
As a result, computer systems that help to manage some airports, hospital systems and even 911 call centers went down, with outages still affecting many systems as of Friday morning, CNET reported. Microsoft has said it had completed “mitigation actions” in a tweet shared just before 11 a.m. EST, though that may not come as much relief for those relied on CrowdStrike to keep their computer operations running smoothly.
What is CrowdStrike?
CrowdStrike bills itself as a “global security leader,” providing software to help businesses around the world identify, prevent or stop security breaches.
The company was founded in 2011, with an initial public offering in 2019. It designated its official headquarters as Austin in 2021 to meet requirements set by the Securities and Exchange Commission (SEC), but defines itself as a “remote-first” company with ties to many communities around the world.
CrowdStrike’s first product, CrowdStrike Falcon, was released in 2013 and remains the company’s flagship product. It also was the program that received the faulty update.
According to the company, the Falcon platform is “AI-native,” using generative AI and workflow automation.
“With generative AI as the foundation of the Falcon platform, we are unifying Security and IT by empowering teams to ask a question, answer it and take action on any IT issue, as easily as having a conversation, all from a single platform experience,” said George Kurtz, CrowdStrike CEO and co-founder in a February press release. “This is the future of modern security.”
Kurtz previously worked as cybersecurity company McAfee’s chief technology officer and authored the book “Hacking Exposed: Network Security Secrets & Solutions.”
In addition to software, the company also provides security consulting. It also previously assisted in the investigation of major cybersecurity events, such as the Sony Pictures hack and the 2016 hack of the Democratic National Committee, according to reporting by CSO and Forbes.
The company’s annual report, filed in May, shows a confident position with the company telling its investors that Falcon is the future of the cybersecurity industry.
“Using cloud-scale AI, our Security Cloud enriches and correlates trillions of cybersecurity events per week … to create actionable data, identify shifts in adversary tactics, and automatically prevent threats in real-time across our customer base,” the filing reads. “The more data that is fed into our Falcon platform, the more intelligent our Security Cloud becomes, and the more our customers benefit, creating a powerful network effect that increases the overall value we provide.”
The filing includes an audit report from CrowdStrike’s accounting firm PricewaterhouseCoopers LLP. That audit found healthy numbers for the company, with an increase in revenue and shareholder equity year-over-year from 2023.
The company’s stock price made a rapid drop at the start of trading Friday, but is still ahead of its performance in 2023, according to NASDAQ data. Currently, the stock has dropped 9.15% to $311.72 per share, below its previous close of $343.05. It began to rally just before 10 a.m. ET.
On Friday, Kurtz appeared on NBC’s “Today,” expressing regret for the impact of outages.
“I want to start with saying we’re deeply sorry for the impact that we’ve caused to customers, to travelers, to anyone affected by this, including our company,” Kurtz said. “We have identified this very quickly and remediated the issue … we are working with each and every customer to make sure that we can bring them back online. But this was the extent of an issue, in terms of the bug that was related to our update.”
On its blog, CrowdStrike also offered workarounds for organizations attempting to restart their computer systems.
The Associated Press contributed to this report.