What is CrowdStrike?
Friday was a very frustrating day for many people because of the massive tech glitch that created chaos at businesses and organizations. Flights were grounded, medical procedures put off, TV broadcasts stopped. All this and plenty more came after a software update by cybersecurity company CrowdStrike disabled machines running Microsoft Windows, confronting users with the dreaded “blue screen of death.”
Tech support workers everywhere scrambled to make their fixes while the Mac and Linux crowds were probably feeling a bit smug. Yet it was not a cyberattack or malicious hacking that brought activity to a screeching halt, but wayward code that was meant to be helpful. CrowdStrike said, essentially, “My bad.”
Football fans may remember CrowdStrike from its Super Bowl ad featuring a futuristic Western town attacked by cyborg outlaws. “Today’s adversaries move fast. CrowdStrike moves faster,” the narrator says.
But for the people anxiously milling around airports and hospitals, the Austin, Texas-based cybersecurity company is hardly a hero. It is powerful, though.
“I think the depth of headlines that are out right now in terms of disruptions across the globe speak for how big a player they are,” said Kevin Cleary of the University at Buffalo School of Management.
A big player whose products are typically used at the enterprise level, which is why everyday people may not have been familiar with the company before.
And what does CrowdStrike actually do?
“It kind of does the same thing that classical antivirus would do,” Cleary said. “It’s looking at different files that are downloaded to your computer. It’s looking at different system states, it’s looking at logs, it’s looking at different kinds of network traffic.”
To look for a malicious needle in a haystack, said Avi Rubin with Johns Hopkins, the security software needs to be deeply embedded in computer operating systems.
“Ironically, that means that if something goes wrong, they’re vulnerable to having even more serious problems than other types of software,” Rubin said. Problems that take time to resolve — in this case, computer by computer.
“Unfortunately, the fix is a little bit difficult because it requires booting up the system in something called safe mode,” Rubin said.
The disruption shows that internet companies have become critical infrastructure, though they’re not regulated like water or sewage, said Bruce Schneier with the Harvard Kennedy School.
“All of these companies, all of them, not just the one that failed today but the hundreds of others, are incentivized by the market to be as lean and efficient as possible,” Schneier said.
Maybe too lean to cover all their bases, considering that if a technology provider like CrowdStrike goes down, a lot of other things go down too.
Stories You Might Like
There’s a lot happening in the world. Through it all, Marketplace is here for you.
You rely on Marketplace to break down the world’s events and tell you how it affects you in a fact-based, approachable way. We rely on your financial support to keep making that possible.
Your donation today powers the independent journalism that you rely on. For just $5/month, you can help sustain Marketplace so we can keep reporting on the things that matter to you.
