Airlines, banks, hospitals and other risk-averse organizations around the world chose cybersecurity company CrowdStrike to protect their computer systems from hackers and data breaches.
But all it took was one faulty CrowdStrike software update to cause global disruptions Friday that grounded flights, knocked banks and media outlets offline, and disrupted hospitals, retailers and other services.
"This is a function of the very homogenous technology that goes into the backbone of all of our IT infrastructure," said Gregory Falco, an assistant professor of engineering at Cornell University. "What really causes this mess is that we rely on very few companies, and everybody uses the same folks, so everyone goes down at the same time."
The trouble with the update issued by CrowdStrike and affecting computers running Microsoft's Windows operating system was not a hacking incident or cyberattack, according to CrowdStrike, which apologized and said a fix was on the way.
But it wasn't an easy fix. It required "boots on the ground" to remediate, said Gartner analyst Eric Grenier.
