It's a software update with huge implications. Businesses around the world have been hit with technology issues after an update from cybersecurity firm CrowdStrike (CRWD) impacted Microsoft (MSFT) systems. It led to delayed and canceled flights, closed stores for the day, and left millions with headaches. CrowdStrike CEO George Kurtz posted on X that the outage was not caused by a cyberattack and that a fix had been implemented. Many believe it could take a few days for all systems to be fully back online.
Microsoft corporate vice president and deputy CISO Ann Johnson tells Market Domination what went wrong. Johnson used the analogy of updating an app on your smartphone overnight. That's essentially what CrowdStrike did; they pushed out an update overnight, and that update created chaos in systems. Johnson explains that Microsoft is working with CrowdStrike to help customers affected by the update, adding that Microsoft has engineers working to help companies implement the fix.
Johnson said it's hard to say how long it will take for all the issues to be fully resolved, but ultimately he believes CrowdStrike did thoroughly test the update and the issue was "something unexpected."
For more expert insights and the latest market activity, click here to watch the full episode of Market Domination.
This post was written by Stephanie Mikulich.Video transcript
The mob strike update is the root cause of the outages, as it brought down the Microsoft systems that were running the program.
Microsoft's Ann Johnson, Deputy Chief Information Security Officer and Corporate Vice President of Ann, is here now to provide further clarification.
Thank you very much for joining us.
I'm sure it's a busy day at Microsoft.
What can you tell us, particularly for us laypeople, about how this has filtered through the systems and what the process has been like to get everything up and running again?
Yes.
Thank you very much Julie, thank you for having me on Look, Crowdstrike.
The story continues
Uh, there was an update released last night.
This also applies to people who are not constantly involved with this technology.
Imagine updating an app on your phone, right?
While this had no impact on consumers, it was mainly businesses that used Crowdstrike as one of their security solutions to outperform and fend off these major global attacks.
And customers who had solutions with Crowdstrike and it was a global IT outage.
Uh, we work really hard.
We work together with Crowdstrike.
We have many conversations with them.
They have published guidelines on the website.
I would strongly encourage people to follow these guidelines, as you can imagine there is a lot of misinformation circulating on social media and various other places. Additionally, we have teams of engineers working on making it easier for people to apply the fixes for this Crowdstrike cloud update.
We work and have conversations with crowdstrike.
We've been on the phone with them all morning.
We have teams of engineers and of course we have teams of our support engineers who work directly with customers to resolve issues as quickly as possible and get them back up and running.
And I'm curious, how long do you think this is going to last?
You know, it's completely resolved.
We do see some recovery, but is it hours, days or, or is it just too difficult to say at this point.
Yeah, Josh, that's a tough question to answer because every customer thinks these are big, potentially the biggest companies in the world and they have very complex systems.
And because Crowdstrike is such an integrated part of those systems, there are times when they have to do manual updates. We're working very quickly with Crowdstrike to remove all of those manual processes and get to a point where customers can have a more updated and automated process.
But ultimately it is the customers who take action as quickly as possible, with the support of us and Crowdstrike.
And we realize and understand that we need to get global commerce back online.
And if any of the companies that you work with release an update like this, any kind of update, because I know that happens a lot.
They regularly release updates to address all these threats.
What tests are performed beforehand?
And what kind of conversations do you regularly have with Crowdstrike and similar companies?
What a great question.
Look, our engineering teams are always working with our partners who publish security features that impact our systems, so we try to avoid a situation like this, right?
And those are ongoing conversations.
There is a very strict program where the partner is encouraged to get thoroughly tested. I certainly would not expect them not to get thoroughly tested.
This was clearly something that was unexpected and that caused this global event.
What we really need to focus on now is getting people back to work as quickly as possible.
We focus on Pro Trek and our customers do. After this event there is still plenty of time to figure out what exactly went wrong and how we can make sure that something like this doesn't happen again. A broader question for you.
And I, I know people are now wondering whether we are not too dependent on companies that are too small.
A number of companies that power the web.
Well, it just seems like an important point.
An important question people ask themselves after this event is mine. I am curious to hear your thoughts on this.
Josh, I think people ask questions like this after every event, right?
I think we and I have been in the tech space for a long time, but I think we always have to look back at the events after these events. As I said, our focus now is on getting our customers up and running as quickly as possible.
We focus all our resources on this.
But I think after this event, there's an opportunity for all of us to learn from it and make sure we do better in the future. We need to work incredibly well with both government and industry to make sure that we have robust ecosystems so that we can weather these kinds of events and they don't have this kind of impact. Should systems be more open than they are now?
Ironically, it's an interesting way to avoid this since this was a third-party solution.
So you were by definition a very open system, right?
A third party provided an update to their Microsoft customers that shut down global IT systems.
And it's actually a definition of an open system, because this was a Microsoft law against a Microsoft system.
So I don't think this is the opportunity to move on.
But as I said, the focus now has to be on getting customers online safely and securely and getting all of these businesses up and running again.
After the event there will be plenty of time to think about the next step and how we can make the ecosystem more resilient.
Thank you Ann, I really appreciate your time today.
