CrowdStrike Causes Historic IT Outage


On July 19, 2024, a faulty update from CrowdStrike caused widespread crashes of Windows systems, affecting businesses globally. The update led to Blue Screens of Death (BSOD) and system reboots, impacting services like Google Cloud and Microsoft Azure. It ultimately affected some of Australia's biggest businesses, including Commonwealth Bank, Telstra and Qantas, to name a few.

Later on July 19, CrowdStrike identified and fixed the issue, advising manual deletion of a specific driver file, which can be done by following these steps:

  1. Boot Windows in Safe Mode or Windows Recovery Environment

  2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory

  3. Find the file named "C-00000291*.sys" and delete it

  4. Restart the computer or server normally

Lessons from the incident

Technology monopolies like CrowdStrike and Windows are posing one of the biggest IT challenges to date: if one goes down, everything goes down. Diversifying which services we use on a daily basis should become one of the top priorities.

Some might argue that this isn't a cybersecurity challenge, but consider the 3 core elements that cybersecurity aims to protect, also known as CIA:

  • Confidentiality

  • Integrity

  • Availability

The CrowdStrike incident clearly affected Availability.

On top of that, threat actors are currently exploiting the disruption for phishing attacks by spreading malware disguised as CrowdStrike updates.


As a leading cybersecurity company, we are at the forefront of security research, constantly monitoring for emerging threats. With best-in-class security expertise, we are able to help you secure your assets to the highest levels.

Visit rivanorth.com to find out more.

You build the future. We help you secure it.