On July 19, 2024, a botched CrowdStrike Falcon sensor update for Windows operating systems led to the largest IT outage in recent history. Although the issue stemmed from a technical malfunction, it inadvertently opened the door for real threat actors to exploit the situation. This incident has triggered a wave of malicious activities, particularly targeting CrowdStrike’s Latin American (LATAM) customers.

On July 19, 2024, CrowdStrike, a global cybersecurity company, experienced a significant outage caused by a faulty software update. This incident impacted millions of Windows machines across multiple industries, including transportation, defense, manufacturing, and finance. CrowdStrike has released an official statement and is posting updates on their blog. Microsoft has also published a blog with remediations, which we encourage you to review.

In the early morning hours of Friday, July 19, a single software update from cybersecurity firm CrowdStrike sparked an unprecedented global IT outage. The incident continues to impact organizations, governments, and end users around the world, disrupting everything from mission-critical infrastructure and airlines to hospitals, retailers, and more. We at 11:11 Systems understand the gravity of this unfortunate situation and want to wish all of those affected a quick and complete recovery.

By now, everyone is aware of the CrowdStrike Falcon update that caused major disruptions to key services such as hospitals, flights, news channels, and millions of end-user and cloud-based Windows machines worldwide. Details, including recovery options, can be found in the CrowdStrike advisory. At Indusface, designing for failure is a core tenet that we use while building all our SaaS products. After all, despite the best processes, checks, and balances, any system can fail.

Earlier today, CrowdStrike released a new update on their Falcon Sensor product. Unfortunately, the update caused technical issues, resulting in major outages globally to Microsoft Windows machines. The issue caused the “Blue Screen of Death” and several reports worldwide stated that several industries were affected, such as airlines, banks, media, etc. According to CrowdStrike Tech Alert, they are already aware of reports of crashes on Windows hosts related to the CrowdStrike Sensors.

As I write this, billions of users are looking at “the blue screen of death.” Flights are grounded around the world, 9-1-1 service is offline in the entire state of Alaska, hospitals can’t check in patients, retailers cannot make sales because their POS systems are down, Newark airport has reverted to paper tickets for check-in, and countless other organizations are at a standstill. This is the top story on every major news site I’ve checked. What could cause this carnage?

In the early hours of July 19th, 2024, CrowdStrike endpoints on Windows machines worldwide received a faulty content update, causing what is shaping up to be the one of the largest global IT outages to date. All over the world reports of Windows workstations and servers stuck in a boot loop with a BSOD were pouring in, impacting airlines, airports, banks, hospitals and many other critical infrastructures such as emergency services call centers, and the list goes on.

As most in the industry are aware, a defective content update to CrowdStrike’s Falcon Sensor for Windows led to a global cascade of system outages affecting critical industry sectors such as transportation, banking, healthcare, and public safety. Many enterprises and government agencies around the world are still actively managing their response to this incident.

Our team at Arctic Wolf has been following the CrowdStrike issue affecting Windows endpoints since approximately 12 AM EST on July 19th, 2024. Although Arctic Wolf’s service is not impacted, some of our customers who leverage CrowdStrike for endpoint security are experiencing widespread outages. Arctic Wolf continues to protect and monitor these customers’ environments while they focus their attention on recovering from this event.