CrowdStrike’s Cyber Outage Will Cost $Billions

The CrowdStrike defective software update that crashed computers, cancelled flights and disrupted hospitals around the world and the outage may have cost Fortune 500 companies as much as $5.4 billion in revenues.

The largest direct financial losses will likely be suffered by Fortune 500 companies in the healthcare and banking sectors.

With litigation and numerous lawsuits waiting in the wings, Crowdstrike is probably looking at billions more in fines, legal fees and lost revenue. 

CrowdStrike will probably be fined by US Government Regulators. Worse, as the CrowdStrike’s outage could have involved breaches and issues related to personal data, it could come under investigationby European regulators, which can impose fines of up to 4% of annual revenues.

In the US, CrowdStrike is also likely to see an avalanche of class action lawsuits. US law firms, including San Francisco-based Lieff Cabraser Heimann & Bernstein, are already reviewing and collecting data from clients related to business losses that “will help us hold Crowdstrike accountable for its disruption of global business and the consequences thereof for all Internet users.”

Further, CrowdStrike could see customers leave for competing firms and the outage has already cost the company and its investors $billions, including the damages to its stock market value, which it will likely not recover from any time soon.  

The primary cause of the failure stemmed from an update that CrowdStrike pushed to its flagship Falcon platform, which functions as a cloud-based service intended to protect businesses from cyber-attacks and disruptions. The update contained a bug which caused 8.5m Windows machines to crash en masse.

CrowdStrike is one of the world’s most important cyber security companies, and was valued at around $83bn before the outage. It services about 538 of the Fortune 1000 companies, according to its website, and operates around the world. 

The incident has taken a significant bite out of CrowdStrike’s stock price and CrowdStrike’s shares fell to $294 per share, and are presently trading at around $264. That’s a decline of more than 20%, and its market capitalisation could fall even further.

The consequences of its botched software update are proving severe, demonstrating just how many companies are reliant on a single supplier for the same services to keep operations running.

CrowdStrike have now said that it has laid out plans to ensure a similar issue can be prevented, including additional validation checks and improved testing by using testing types such as local developer testing and content update and rollback testing.

Fast Company   |     Lieff Cabraser   |   Reddit   |     Guardian   |     CNN   |    Silicon Republic   |   NYPost  

Imge:

You Might Also Read: 

Companies Must Review Their Cloud Strategies:


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 


Cyber Security Intelligence: Captured Organised & Accessible


 

« Wiz Rejects Google's $23b Acquisition Offer
Most Wanted - North Korean Hackers  »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

HackLabs

HackLabs

HackLabs is a penetration testing company providing services for network security, web application security and social engineering testing.

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI) is recognized as Thailand’s leader in cyber investigations and digital forensics.

Strategic Cyber Ventures (SCV)

Strategic Cyber Ventures (SCV)

SCV grow cybersecurity companies that disrupt advanced cyber adversaries and revolutionize the cyber product marketplace.

Qmulos

Qmulos

Qmulos’ real-time continuous monitoring risk management suite, Q-Compliance, provides a massively flexible and scalable solution to optimizing operational security.

Risk Ledger

Risk Ledger

Risk Ledger is improving the security of the global supply chain ecosystem, reducing the number of data breaches experienced through supply chain attacks by companies and consumers alike.

Telefonica Global Solutions (TGS)

Telefonica Global Solutions (TGS)

Telefonica Global Solutions is the technological partner of wholesalers and enterprises, helping them to achieve the digitalization they need.

BitTrap

BitTrap

BitTrap helps companies worldwide detect attackers and put an early end to breaches, preventing data exfiltration and ransomware altogether.

GM Sectec

GM Sectec

GM Sectec is the world's largest independent Cyber Defense and Fraud Prevention firm laser focused on payment security.

Zuul IoT

Zuul IoT

Zuul take an asset-centric approach to OT security, enabling security teams to protect the critical IIoT/IoT devices that are at the foundation of critical business functions.

Silent Circle

Silent Circle

Silent Circle is the leader in end-to-end enterprise solutions for secure mobile communications.

Jera IT

Jera IT

Jera IT provide fully managed IT support, cybersecurity services, telecoms systems, and IT strategy consultancy to businesses based in Aberdeen and the surrounding area.

Zenzero

Zenzero

Zenzero simplifies technology adoption and supports our customers through managed and outsourced IT support.

Apex iQ (ApexiQ)

Apex iQ (ApexiQ)

ApexiQ is a continuous asset assurance platform that empowers you with the confidence to make better data-driven decisions and take automated action to reduce your risk.

EpicCyber

EpicCyber

Since 2011, Epic Cyber has pioneered the integration of enterprise cloud technology.

Attaxion

Attaxion

Attaxion is an External Attack Surface Management (EASM) Platform. We offer attack surface management solutions with #1 asset coverage and laser-focused, actionable intelligence.

DeepStrike

DeepStrike

DeepStrike is a leading cybersecurity firm specializing in human-powered, high-quality penetration testing designed to protect businesses from evolving cyber threats.