
Explainer: Who is behind the 'global outage'? Why was its impact so widespread?

Global Market Report ·  10:40

The global crash on Friday involving CrowdStrike (CRWD.US) caused a large number of flights to be grounded, disrupting the market and causing operational problems for multiple companies. Meanwhile, there were also Microsoft (MSFT.US) Azure cloud service issues on the same day, making the situation more complex; eliminating all of the impact is expected to take several days.

What is CrowdStrike?

This cybersecurity company is a major anti-ransomware supplier, accounting for about 18% of the $8.6 billion endpoint detection and response software market, second only to Microsoft, according to research firm IDC. Its software is considered one of the best defenses against various emerging hacker threats, mainly by combining AI with traditional security strategies to keep up with attackers.

Why did the global IT collapse happen?

A faulty software update from CrowdStrike caused a series of failures for industry clients in aviation, banking, medical care, retail, and other sectors. The company worked hard to fix the problem and said that the outage was not caused by a cyberattack or security vulnerability.

How will the problem be solved?

CrowdStrike CEO George Kurtz said the root cause of the problem has been found and the company has deployed a fix. Any Windows desktop or laptop computers affected by the update will need to be updated again. (Mac and Linux machines are not affected.) Manually restarting computers around the world is a time-consuming process. CrowdStrike's technical support team suggested that one client may need to restart affected systems up to 15 times.

Who was affected?

Healthcare systems, airlines, ports, enterprises, and governments have all been affected. McDonald's, UPS, and FedEx have also experienced issues. For airlines, the outage has caused communication problems between planes and ground control, affecting passenger travel. United Airlines, Delta, American Airlines, Lufthansa, Air France, and Ryanair are gradually recovering, but at a slow pace. FlightAware shows more than 21,000 global flight delays. Employees of banks such as JPMorgan, Nomura Holdings, and Bank of America were unable to log in to their company systems on Friday.

How was Microsoft involved?

CrowdStrike's faulty update caused the Microsoft systems running this program to crash along with it. An incident involving Microsoft's Azure cloud service also caused service disruptions. Microsoft said that the root cause had been resolved, but users will still feel the 'lingering impact.'

Microsoft and CrowdStrike are competitors, and both provide similar endpoint cybersecurity products. CrowdStrike's Kurtz has previously mocked Microsoft. In June, after the Department of Homeland Security reported security issues with Microsoft, Kurtz said Microsoft customers were experiencing a 'widespread crisis of trust.'

How does CrowdStrike's software work?

CrowdStrike's software differs from traditional, more limited security software. Traditional antivirus software was useful in the early days of computer and internet development because it could capture signs of known malicious software, but as attacks became increasingly complex, this software became less popular. Now, products like CrowdStrike's endpoint detection and response software are much more effective. They continuously scan machines, looking for any signs of suspicious activity and responding automatically.

But to do this, the program must be given access to the core of the computer's operating system in order to look for security flaws. This access gives such programs the ability to break the very system they are trying to protect. On Friday, Microsoft's Windows system had this kind of problem, causing a large number of users to experience 'blue screen crashes.' CrowdStrike attributes this incident to 'flaws discovered in a content update to Windows hosts.'

Cybersecurity professionals say that CrowdStrike's technology is a powerful tool for resisting ransomware, but its cost (which can exceed $50 per machine in some cases) means that most businesses will not install it on all computers. This means that the computers that do have the software installed are the ones most in need of protection against attacks; if they crash, critical services will also be affected.

Editor/Somer

The translation is provided by third-party software.

