How Could an Update Go So Wrong?

cover
23 Jul 2024

By now you're probably aware that a certain segment of the population last week experienced what some of us in the know refer to as the Blue Screen of Deathโ„ข โ€” causing widespread panic and chaos, albeit briefly.

Millions of Windows-based devices that power banks, airports, hospitals, and even broadcast stations went offline and started displaying that dreaded pop-up that usually signifies the unceremonious death of your PC.

Imagine not being able to travel, pay, get treatment, or even tune in to your TV to learn what's going on because.. computer problems. ๐Ÿ™„

So, what happened?

The way it began was that cybersecurity firm Crowdstrike deployed what should have been a regular, run-of-the mill update for its Falcon software to protect customers' computers against new cyber threats.

That update ended up bringing the world to a standstill instead.

The exact reason for why the roll out caused problems on Windows was not entirely clear, but experts speculate that a rogue file in the update apparently did not agree with Microsoft's operating system, causing systems to crash.

Some speculate that faulty code or lack of quality checks prior to deployment could have been the problem. Whatever the case, all hell broke loose.

"This is not a security incident or cyberattack," Crowdstrike Chief Executive George Kurtz tweeted as soon as customers' complaints began piling up.

Naturally, questions have arisen around both Crowdstrike and Microsoft, both of whom hold a sizable market of the cybersecurity and OS space, respectively. One twitter user even posted a comparison of how Crowdstrike compared to its competitors (it's the second most valuable cybersecurity firm in the world).

Judgment against Crowdstrike has been swift though, with the company's stock price plummeting Friday following the fiasco โ€” wiping billions off of its valuation.

Microsoft also saw its stock price fall following the event, dragging the broader stock indices down with it on Friday as the event caused a sell off in tech stocks.

Things don't seem to have gotten better, with Dan Ives, a technical analyst on Wall Street, tweeting that IT outage issues still persisted. "This is not good news for George Kurtz & Co. in an already bad situation as it appears a number of businesses are still finding outage issues," Ives wrote.

The situation is under Control :-)

CNN reports that the cost from the global outage could top $1 billion, but there's no telling yet who will exactly foot the bill. There's a very high likelihood that customers will demand compensation from Crowdstrike, dragging it into legal distractions. Worse yet, Crowdstrike's brand reputation is also going to take a massive hit and its competitors may already be trying to eat away at the company's market share.

In fact, Ives went on to say that Crowdstrike, which was not a widely known brand prior to this event, had become "a household name, but not in a good way."

CrowdStrike CEO Kurtz also has an interesting history in that this isn't the first time he's been at the center of a global tech failure. In 2010, a buggy antivirus update from McAfee caused hundreds of thousands of computers to go kaput!

Kurtz was the chief technology officer of McAfee at the time, and it doesn't look like there was a lot of blow back against him at the time. McAfee was reportedly bought by Intel a few months after the event and Kurtz ultimately ended up leaving the company to create CrowdStrike.

For now, he's in hot water as US lawmakers have called on Kurtz to testify on the global IT outage caused by his company's update.

Meanwhile, Microsoft said the event was a "reminder of how important it is for all of us across the tech ecosystem to prioritize operating with safe deployment and disaster recovery using the mechanisms that exist."

The Windows maker estimated that CrowdStrike's update affected 8.5 million devices running its operating system, which was less than 1% of all Windows machines. "While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services," the company said in a blog post.

I suppose that's Microsoft's way of reminding everyone of the 80-20 rule :-)

Microsoft ranked #2 on HackerNoon's tech company rankings this week.


In Other News.. ๐Ÿ“ฐ

  • Ethereum ETFs Approved by SEC, Bringing Popular Funds to Second-Largest Cryptocurrency โ€” via CoinDesk
  • Cohere raises $500M to beat back generative AI rivals โ€” via TechCrunch
  • Hackers are already taking advantage of the CrowdStrike outage chaos โ€” via CNN
  • Google scraps plan to remove cookies from Chrome โ€” via Reuters
  • The AI-generated disinformation dystopia that wasn't โ€” via Axios
  • Autonomous AI workers that talk to each other will arrive in 2025, Capgemini predicts โ€” via CNBC


And that's a wrap! Don't forget to share this newsletter with your family and friends! See y'all next week. PEACE! โ˜ฎ๏ธ

โ€” Sheharyar Khan, Editor, Business Tech @ HackerNoon


*All rankings are current as of Monday. To see how the rankings have changed, please visit HackerNoon's Tech Company Rankings page.*Tech, What the Heck!? is a once-weekly newsletter written by HackerNoon editors that combine HackerNoon's proprietary data with news-worthy tech stories from around the internet. Humorous and insightful, the newsletter recaps trending events that are shaping the world of tech. Subscribe here.*