CrowdStrike pledges improved tests to prevent future IT outages

CrowdStrike has said it will improve software testing procedures after its systems crashed last week, causing an IT outage which impacted thousands of organisations around the world.

The glitch occurred during a software update for Falcon sensor – the company's platform built to prevent breaches – which affected some companies reliant on Microsoft systems, including banks, airlines, and travel businesses.

CrowdStrike is a global cybersecurity firm with a cloud-native platform designed to protect endpoints, cloud workloads, identities and data.

On Wednesday, the company said that it would improve existing measures by introducing new testing types like local developer, content update and rollback, stress, fuzzing, fault injection, stability, and content interface testing.

CrowdStrike also pledged to introduce additional validation checks to prevent similar issues happening in the future, as well as strengthen error handling mechanism in the Falcon sensor to make sure errors from problematic content are "managed gracefully".

Additionally it said it would be conducting several independent third-party security code reviews and refine its deployment strategy.

Last week, both Gatwick and Heathrow said that they had been impacted by the outage, with some passengers experiencing delays whilst checking in and passing through security.

Around the world, there were over 9,000 flights cancelled due to the crash, according to aviation analyst Cirium.

Several railway companies, including Southern and Thameslink, also reported "widespread IT issues" across their entire networks.

Meanwhile, the executive chair of Sky News announced that the broadcaster was unable to broadcast live TV on Friday morning as a result of the outage.

At the time, Omer Grossman, chief information officer at identity security company CyberArk, said that the outage will be one of the "most significant" cyber issues of 2024.

"CrowdStrike’s platform approach, which relies on a single agent focused on detection, might seem good at first glance, but as we can see, it can create significant issues,” said Al Lakhani, chief executive of cyber firm IDEE. “For instance, agents require installation and maintenance of software on multiple different OSes, adding layers of complexity and potential points of failure."

He warned that this means that agents can become a single point of failure, as a bad update can compromise the entire network, as seen with the SolarWinds attack.



Share Story:

Recent Stories


Bringing Teams to the table – Adding value by integrating Microsoft Teams with business applications
A decade ago, the idea of digital collaboration started and ended with sending documents over email. Some organisations would have portals for sharing content or simplistic IM apps, but the ways that we communicated online were still largely primitive.

Automating CX: How are businesses using AI to meet customer expectations?
Virtual agents are set to supplant the traditional chatbot and their use cases are evolving at pace, with many organisations deploying new AI technologies to meet rising customer demand for self-service and real-time interactions.