What Caused the CrowdStrike IT Outage and How Can it be Managed?

Posted 25th July 2024

The recent CrowdStrike incident caused worldwide disruption, affecting sectors across the corporate spectrum and acting as a harsh reminder of the need for robust IT infrastructure and crisis management.  

CrowdStrike, a cyber security firm which provides antivirus software to customers who use Windows, triggered the IT outage when it sent out a software update containing a glitch that crashed Windows computers running its software.  

What Did the CrowdStrike Outage Affect? 

The Microsoft outage impacted multiple sectors. The “blue screen of death” grounded flights, forced the cancellation of hospital appointments and prevented employees worldwide from completing critical tasks.  

In response, the day after the event, Microsoft released a recovery tool to help repair affected Windows machines, complementing CrowdStrike’s earlier published instructions for fixing crashed devices. 

Why Did It Happen? 

The IT service outages were caused by a bug in a content configuration update for the CrowdStrike threat intelligence Falcon platform, allowing “problematic content data” to be deployed to the firm’s customers.  

Triggering an “unexpected exception”, the faulty content data prompted a Windows operating system crash. 

As customers and regulators wait for a more detailed explanation of what went wrong, CrowdStrike has since reported that a “significant number” of the approximately 8.5 million computers that crashed on July 19th are now back in operation. 

Why BCN Recommends Switching to Managed Defender 

For businesses currently using CrowdStrike, BCN recommends switching to Managed Defender.

Managed Defender offers a range of benefits, including enhanced integration with the Microsoft ecosystem, proactive threat detection using advanced AI and machine learning, simplified security management, and comprehensive protection across various endpoints.  

Enhanced Integration with Microsoft Ecosystem

Managed Defender is deeply integrated with the Microsoft environment. It provides seamless compatibility with other Microsoft tools and services to ensure better performance, streamlined updates, and comprehensive support. 

Proactive Threat Detection

Managed Defender leverages advanced AI and machine learning to detect and mitigate threats in real-time. This feature reduces the risk of undetected vulnerabilities and enhances the organisation’s overall cyber security posture. 

Simplified Management

Managed Defender offers a unified security management platform, simplifying administration and reducing the complexity of managing multiple security solutions. This ease of use is particularly beneficial for IT teams handling large-scale operations. 

Comprehensive Protection

Managed Defender provides extensive protection across various endpoints, including email, identity, and cloud environments. Its holistic approach ensures that all potential attack vectors are secured. 

Aligning with the Switch to Managed Defender 

Assessment and Planning 

  • Conduct a thorough assessment of your current security setup and identify areas where Managed Defender can provide improvements. 
  • Plan the transition in phases to minimise disruption and ensure all aspects of security are covered. 

Licensing and Costs 

  • Review licensing requirements for Managed Defender and compare costs with your current CrowdStrike solution. 
  • Consider potential savings from reduced complexity and improved efficiency. 

Training and Support 

  • Ensure your IT team receives adequate training on Managed Defender’s features and management. 
  • Utilise Microsoft’s extensive support resources to assist during the transition and ongoing operations. 

Data Migration 

  • Plan for data migration from CrowdStrike to Managed Defender, ensuring that historical data and logs are preserved and accessible. 
  • Test the migration process in a controlled environment before full implementation. 

Security Policies 

  • Update security policies and procedures to reflect the capabilities and best practices associated with Managed Defender. 
  • Regularly review and adjust policies to maintain optimal security. 

What Is the “Blue Screen of Death”?

The ‘blue screen of death’ (BSOD) is a critical error screen that appears in distinctive blue on Windows computers after a system crash and usually indicates that something serious has gone wrong. While restarting the computer might fix the problem, it could mean there are significant system issues that need immediate attention. 

Where this is the case, managing and resolving the BSOD involves diagnosing the underlying problem, applying necessary fixes and checks and ensuring system stability through updates and maintenance. 

Steps to Take Towards Fixing the CrowdStrike Issue 

To address the recent CrowdStrike-induced BSOD, Microsoft has launched a fix for affected systems.  

Implementing this fix is crucial for recovery, and Microsoft has provided detailed instructions on how to do it here. 

How to Protect Your Systems for the Future Against Issues like CrowdStrike

Preventing similar issues from affecting your Windows-enabled machines in the future requires a proactive approach and several precautions: 

Test All Updates: Ensure all new updates have been tested prior to wider release.

Cloud Backups: Ensure systems are backed up on cloud servers to facilitate quick rollbacks. 

Alternative Systems: Maintain an alternative system to switch to in case of critical failures, minimising operational disruption. 

How BCN Can Develop Cyber Security and Disaster Recovery Plans to Meet Your Business’s Needs 

As a Microsoft Solutions Partner for Security, BCN specialises in creating robust cyber security strategies, products and services, including backup and recovery, that protect against any IT outage and are tailored to your business needs.

We have also been awarded Microsoft’s Cloud Security specialisation for our outstanding capabilities and proven experience in implementing comprehensive cyber security protection across customers’ Microsoft Azure, hybrid and multi-cloud environments.

We also launched our Cyber Security Pledge to demonstrate our commitment to keeping our customers safe.
