On July 18, millions of Windows devices simply stopped working. With everything from hospitals and airlines to fast food chains being affected, many people experienced delays in services and feared that they were victims of a massive cyber attack. Luckily, this was not the case, although the aftermath of the incident was equally disruptive. Taking a minute to understand what happened that day will help you know what this outage means for your business’s cybersecurity.

What Caused the Microsoft CrowdStrike Outage?

So what exactly happened? CrowdStrike is a cybersecurity company that many big corporations use. They routinely run remote updates on their software to adjust for new cyber threats and improve their product. There was an error in the coding of the July 18 update, which was incompatible with the Microsoft operating system. So any Windows device that had CrowdStrike downloaded stopped working when the update ran. Soon after the outage, CrowdStrike launched a new update that would rectify the issue, which ran automatically on only some devices. Others, however, required more manual adjustments to get back online.

Cybersecurity Implications

While the outage wasn’t caused by malicious hackers, the cybersecurity of many organizations was nonetheless put at risk during the outage. When systems are down, companies are automatically more susceptible to attacks for a few reasons. The outage serves as a kind of diversion, leading organizations to focus on trying to get up and running rather than keeping an eye out for threats. They may leave security gaps, cut corners, or ignore best cybersecurity practices in their rush to get systems online again—unintentionally letting their guard down. Scammers took advantage of these circumstances and struck when companies were most vulnerable. Many phishing sites and emails were created, with criminals acting as the CrowdStrike support team and hoping to steal information or access systems. Ideally, there can also be positive implications of situations like these:
  • Software companies can run safety checks on updates.
  • Teams can improve their business continuity strategies. 
  • We all can consider the larger implications of widespread device administration (including remote updates) and be more alert to changes—even if they’re coming from a reliable source.

Staying Prepared

You, like many other business professionals, may worry about what outages like this mean for your company—it’s definitely disconcerting to think about what effects small software update mistakes could have on operations. In an interview with KFOR News, iTology CEO Cory Carson commented on this common response to the incident: “We have a knee-jerk reaction to be concerned. The good news is many of the events are isolated and don’t cause significant outages.” It’s good to know that widespread outages aren’t common, but it’s also wise to use this concern to help us prepare for unexpected cyber events. Here are a few ways you can prepare your organization to withstand cases like the CrowdStrike Outage:

Leverage Cybersecurity Risk Assessments

The easiest way to know what your business is lacking in terms of defense is by getting a cybersecurity risk assessment. It’ll tell you what services your business needs and where you’re most vulnerable. That way if an outage ever surprises you again, you’ll be prepared with tailored solutions.

Utilize Backup Strategies

Careful backup strategies are also essential for protecting yourself during potential outages. Schedule regular backups, both on-site and in the cloud, so your data remains secure and easily retrievable. Develop a clear recovery plan so you can respond quickly and minimize downtime in the event of an incident.

Partner with a Trusted MSP

A reliable managed service provider (MSP) can offer expertise in disaster management and recovery, help you choose good providers, set up your backup plans, and more, allowing you to have a swift recovery in case of an emergency. They can also monitor your systems and perform the necessary patches, updates, and cybersecurity practices to keep you safe.

Prioritize Safe Systems with iTology

At iTology, we have 17 years of experience and a wealth of knowledge about cybersecurity, disaster recovery, software management, and more. We don’t want current cyber events to leave you feeling lost—we want you to feel prepared. That’s why we’ll study your company and your systems so we can develop the perfect strategy for navigating unexpected events. With iTology’s help, you’ll be ready for anything. Get in touch to receive a cybersecurity risk assessment.