The massive IT outage affecting computer systems worldwide has been linked to a software update on Microsoft Windows operating systems issued by CrowdStrike, a cybersecurity firm.
The outage grounded flights, knocked banks offline and media outlets off air in a massive disruption that affected companies and services around the world and highlighted dependence on software from a handful of providers.
What is CrowdStrike Falcon?
Founded in 2011, the Texas-based CrowdStrike is a cloud-based cybersecurity platform used by a major share of the global tech market. More than half of Fortune 500 companies use its software, known as Falcon, to keep their systems safe from malware and cyberattacks, according to CrowdStrike.
How does CrowdStrike work?
Falcon provides what's known as "endpoint detection and response" capabilities. That means if Falcon detects a threat, it can stop the threat itself instead of just alerting a company.
"Falcon Prevent can stop execution of malicious code, block zero-day exploits, kill processes and contain command and control callbacks," the company says in its FAQs.
In order to do this, the software must have broad privileges to run across a computer's internal systems and programs. This web of integration between Falcon and a computer's core software — in this case Microsoft 365 — means if Falcon crashes or malfunctions, it can have a ripple effect within the core system.
What caused the global IT outage on Friday?
CrowdStrike CEO George Kurtz said Friday's outage was not a security incident or cyberattack. Kurtz said there was a defect in a “single content update for Windows hosts.” The issue affected Microsoft 365 apps and services.
Mac and Linux hosts were not affected.