What is CrowdStrike, the company at the heart of the global Microsoft outage?

Both Microsoft and CrowdStrike scrambled to contain the situation and, as the day progressed, Microsoft reported that several of its apps were gradually back online. Similarly, CrowdStrike ruled out that the incident was a cyberattack. Amidst the chaos, CrowdStrike has been trending on the Internet with statements from CEO George Kurtz even as the cybersecurity company’s stock price plummeted after the outage.

But what is CrowdStrike? And how does it impact the global IT sector?

CrowdStrike is a US-based cybersecurity company that was established in 2011. It was founded by George Kurtz, Dimitri Alperovitch, and Gregg Marston. Kurtz also founded the computer security software company Foundstone and also served as the chief technology officer of McAfee. Alperovitch is an author and thinktank founder and Marston is reportedly retired. The company’s ownership is a combination of institutional, retail, and individual investors. Reportedly, the largest investor is the Vanguard Group, a US investment fund, with a 6.7 per cent share in the company.

Over the years, the company has carved a niche for itself in the cybersecurity space. It has been playing a vital role in helping organisations identify and contain cyber threats. Reportedly, over 29,000 companies, including banks, hospitals, airliners, and several Fortune 500 companies, use cybersecurity software from CrowdStrike.

Based on a 2023 report by Canalys, CrowdStrike is the world leader in endpoint security with an 18.5 per cent market share in Q2 2023. Similarly, several reports have stated that the stocks of the company have increased by 400 per cent in the last five years.

The stupendous rise of the company, which is now valued at $83.4 billion, can be attributed to its aggressive marketing efforts. The company almost instantly became a leader in cybersecurity and witnessed steady growth in its popularity in the last decade.

CrowdStrike has been known for offering customised cybersecurity solutions to large organisations to help with their complex security architecture. Moreover, the organisations that have been using CrowdStrike’s solution have praised it for offering user-friendly solutions and hailed its accuracy in identifying threats.

 What is CrowdStrike used for?

CrowdStrike solutions are only retailed to large organisations, this explains why a lot of individuals did not have to face the blue screen of death – an error screen on Microsoft Windows indicating a system crash. CrowdStrike Falcon is the company’s main product which the company claims to be providing real-time indicators of attack, hyper-accurate detection and automated protection for potential cybersecurity threats.

CrowdStrike is used by thousands of organisations around the world to protect their data. This is why the faulty software update that was rolled out on Friday led to a global outage of Microsoft products.

On July 15, CrowdStrike announced an update to its CrowdStrike Falcon claiming that this would stop breaches with “unprecedented speed and precision across the entire enterprise attack surface”. After the outage, a CrowdStrike spokesperson said it was likely an issue with the Falcon product that led to the incident.

CrowdStrike and US politics

In 2015 and 2016, CrowdStrike made headlines after Russian hackers infiltrated the computer network of the Democratic National Committee (DNC). CrowdStrike was one of the cybersecurity firms along with Mandiant and Fidelis that analysed the forensic evidence and came to the conclusion that Russian intelligence agencies had infiltrated the DNC systems. CrowdStrike, which removed the hacking programmes, exposed a history of such encounters and named hacker groups Cozy Bear and Fancy Bear.

Similarly, in a call between former US President Donald Trump and Ukrainian President Volodymyr Zelenskyy in 2019, Trump made a reference to CrowdStrike in an alleged attempt to bring back the long-discredited conspiracy theory that tries to throw doubt on Russia’s role in the 2016 hacking.

What did the CrowdStrike CEO say about the outage?

After the IT outage mushroomed into a global issue, CEO George Kurtz took to his X account to say that the issue was an outcome of a single update for Windows hosts. The CEO said that the issue was identified and isolated, and a fix has been deployed. After the incident, speculations were rife that it was a cyberattack. However, in a subsequent post, Kurtz asserted that the incident was not the result of a “security or cyber incident”.

Blue screen of death through time

The blue screen of death that was much discussed following the global outage is not a recent phenomenon. BSOD has existed ever since the beta release of Windows 1.0 in 1985, however, it became widely known during the first time of Windows NT 3.1 in the early 90s. These screens originally signalled a system crash after the operating system suffered a critical error. Over time, BSODs came to indicate issues caused by faulty hardware, bad device drivers, or even incompatible software. From error codes to QR, through its evolution, BSOD has displayed different kinds of text in silver against its typical royal blue background.

Not the first time

In April 2010, a similar outage impacted systems worldwide. McAfee is widely known for their anti-virus software back then had mistakenly identified Windows file svhost.exe as a worm leading to a crash of thousands of computers worldwide. The issue was noticed on systems that were running on Windows XP Service Pack 3. The error essentially froze computers affecting police departments, and supermarket chains in the US and Australia. Following the incident, it was reported that the affected system needed manual correction which was deemed time-consuming and labourious. McAfee later apologised and initiated a probe to prevent future incidents. At the time of the incident, George Kurtz the CEO of CrowdStrike was serving as the chief technology officer at McAfee.