CrowdStrike - a Fire Sale

Fri, Jul 19, 2024

“Everything must go.”

It all started with what seemed like sporadic road accidents around the globe. Then it happened: the centralized transportation control rooms began behaving erratically, their algorithms producing bizarre and unpredictable outputs. The transportation systems were collapsing—traffic lights flashed random colors, train controls became unresponsive, and airport systems failed catastrophically, grounding all airplanes.

Then came the financial systems—credit card networks crashed, transactions froze, and banks went offline, locking millions out of their accounts.

Hospitals, too, were not spared. Life-saving equipment failed, critical patient data was lost, and doctors had to revert to paper charts and the Checklist Manifesto. It seemed like everything was going down—the electrical grid fluctuated wildly, communication channels were compromised, and satellite systems spun out of control.

Of course, this from a fun movie, Die Hard 4, “It’s a Fire Sale.”

A fire sale is the sale of goods at extremely discounted prices, originating from the sale of goods heavily discounted due to fire damage. In financial markets, fire sales occur when high-value bidders are prevented from bidding, depressing the average selling price.

The world experienced something alarmingly similar recently—the CrowdStrike Incident. On 19 July 2024, CrowdStrike distributed a faulty update to its security software, causing an estimated 8.5 million computers and virtual machines running Microsoft Windows to crash. These affected computers—primarily business and governmental machines—were unable to reboot properly, leading to a massive disruption of critical and non-critical services worldwide. This outage has been described as the largest in information technology history and “historic in scale.”

The outage wreaked havoc on airlines, airports, banks, hotels, hospitals, manufacturing plants, stock markets, and broadcasting networks. Even governmental services, including emergency services and websites, were paralyzed.

Though the error was discovered and a fix released within hours, the need for each affected computer to be manually reset meant outages lingered across many services.

CrowdStrike is a cybersecurity company providing cloud workload protection, endpoint security, threat intelligence, and cyberattack response services.