Date: 2024-09-18

The CrowdStrike outage in mid-July was a reminder that aviation's intricate supply chains are susceptible to cyber risk in many forms.

The percentage of the population that had heard of CrowdStrike before Friday, July 19, 2024, was probably limited to individuals who work in the IT and cyber security industries. A day later, pretty much the whole world had heard of it, especially those who had medical procedures, financial transactions or travel plans interrupted.

On July 19, CrowdStrike released a flawed software configuration file update to Falcon Sensor, a vulnerability scanner that detects system intrusions and hacking attempts. The update disrupted millions of computers worldwide that used the Windows operating system.

The rising importance of endpoint security

But before we get into the impact that the incident had on the aviation sector, we should first touch upon who and what CrowdStrike is. Based in Austin, Texas, CrowdStrike is a cyber security company that provides threat intelligence and cyber-attack response services to a great many companies worldwide, from small vendors to large conglomerate corporations. Formed in 2011, it focused on the endpoint protection market, the area of a network that includes desktops, laptops and mobile devices. The company flourished because data storage and processing were in the process of migrating to the cloud and endpoint protection was becoming a key focus of IT security.

The company's reputation was enhanced in 2016 when it revealed that it had identified attempts to hack various U.S. government entities, including the White House, the State Department and the Joint Chiefs of Staff, by two hacking groups with alleged links to the intelligence agencies of an allegedly hostile government.

Growth accelerated further in 2023 when the Securities & Exchange Commission, the primary financial markets regulator in the U.S., announced that publicly listed companies would be required to disclose both their cyber-security incidents and their cyber-security risk management, strategy and governance.[1]

By 2024, CrowdStrike had cornered nearly 25% of the endpoint security market and was one of the best-performing companies in the S&P 500 index.

Glitch to cascade

So what went wrong? The July update appears to have contained some errors in the logic computers use, which created issues when the affected computers were booted up. The notorious "blue screen of death" was just one of the symptoms.

The glitch hit fewer than 1% of Windows-based computers, but this still translated to around 8.5 million devices worldwide.[2] In a blog post cited by the Reuters news agency, Microsoft stated, "While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services."[3]