A recent software update from CrowdStrike led to a colossal outage on July 19 that disrupted 8.5 million computer systems worldwide. This incident, which caused devices using the Falcon platform on Windows to encounter critical memory errors, has significantly impacted the Texas-based cybersecurity company. The repercussions were severe, with CrowdStrike losing nearly $30 billion in market cap. The company, known for safeguarding digital infrastructures, now faces scrutiny due to this significant failure.
Origins and Growth of CrowdStrike
CrowdStrike was launched in 2011 by George Kurtz, Dmitri Alperovitch, and Gregg Marston. Kurtz, previously recognized for his work in cybersecurity, had notable achievements, including founding Foundstone and serving as CTO at McAfee. With initial funding from Warburg Pincus, CrowdStrike quickly grew, achieving a billion-dollar valuation within six years and going public in 2019. By 2021, CrowdStrike had established itself as a leader in the cybersecurity industry, receiving numerous accolades.
Role of Microsoft in the Outage
The widespread impact of the outage was partly attributed to Microsoft’s policy of allowing third-party applications kernel-level access. This access, while enabling more functionality and integration, also made systems more vulnerable to failures from such updates. Comparatively, Apple’s decision to restrict kernel access since 2020 has prevented similar issues on its devices. CrowdStrike’s CEO, George Kurtz, publicly apologized for the disruption and acknowledged the company’s responsibility.
There have been previous instances where Kurtz, while at McAfee, faced similar challenges. In 2010, a McAfee update caused significant disruptions to Windows XP systems. The recent CrowdStrike incident echoes this earlier problem, raising concerns about the robustness of these updates and the policies around third-party access to critical system components.
CrowdStrike’s rivalry with Microsoft adds another layer to the narrative. Despite collaborating to resolve the recent outage, the two companies are fierce competitors in the cybersecurity sector. Previous public criticisms and competitive tensions underscore the complex dynamics between them. Any policy change by Microsoft to restrict kernel access might face challenges, much like its 2006 attempt, which was opposed by cybersecurity firms and regulators.
The situation has sparked discussions about Microsoft’s practices and the potential anti-competitive nature of allowing its cybersecurity solutions kernel access while restricting others. If regulatory measures force Microsoft to alter its approach, the landscape of the cybersecurity industry could shift, potentially benefiting CrowdStrike in the long run.
- CrowdStrike’s update caused a global tech outage on July 19.
- Microsoft’s policy on kernel access contributed to the outage.
- Potential regulatory actions may change the cybersecurity landscape.