On Friday, the world went haywire, demonstrating how indispensable the internet and software functionality are for us today. But what exactly happened, and what lessons can we learn from it?
CrowdStrike: not a virus
Many people, upon hearing the name of what caused the disruptions on Friday, assumed it was a virus. After all, it’s easy to think that a hacker attack could have caused significant damage; it wouldn’t be the first time. However, global disruptions like these require a rare level of effectiveness, especially since the affected systems are often very different from one another. It’s hard to imagine they all share the same security flaw.
Instead, this name belongs to a major company in the world of cybersecurity, one that provides antivirus software to safeguard important entities. Among their most significant clients are banks, airlines, and essential services.
The facts
On Friday, July 19, 2024, the world woke up to a nightmare: numerous services, including those related to civil aviation, stopped functioning. Banking services were down, and it was difficult to navigate through a sea of more or less catastrophic hypotheses. The only certainty was that it was something related to Windows machines. It was easy to suspect a security flaw. However, the answer was much more complex than anyone could have imagined at that precise moment.
CrowdStrike: reliable products for big clients (most of the time)
As mentioned earlier, CrowdStrike produces software for large business environments that demand reliability without major surprises. Many of the companies in the Fortune 1000, Fortune magazine’s ranking of the most important entities in the USA, are among its clients. Until now, there had been no surprises at all.
It All Started with an Update
However, when the company launched an update for Falcon, a protection suite and CrowdStrike’s flagship product, things did not go well. The update affected the core of Windows, a very sensitive part of the system that crashes the machine when it detects a malfunction. The problem was that Microsoft’s operating system then refused to restart.
The biggest hurdle was that this was not just an error in the Falcon software. Because the update affected the operating system itself, Windows first had to be repaired so that it could restart, and only then could the fix distributed by CrowdStrike be installed.
The Current Situation
After affecting approximately eight and a half million computers, the problem has been managed and resolved. However, this highlights the need to be cautious when modifying software or projects. The consequences can be unexpected. In today’s world, exercising utmost caution is necessary.