Phone us
It has been almost a month since CrowdStrike’s mini-Y2K outage, caused by a bug in a software update. An IT outage of this magnitude is unprecedented, and while it may take weeks or even months to fully grasp its effects, the fallout is already starting to become evident.

On the 19th of July 2024, CrowdStrike released a software update that crashed millions of computers worldwide, disrupting thousands of businesses globally and costing billions of dollars. In the aftermath of the outage, governments, regulators, and businesses are now assessing the continuing commercial and legal ramifications.

Government Response

To address the crisis, the US government extended an offer to assist CrowdStrike in restoring their software systems. This collaboration underscores the severity of the situation and the critical role that CrowdStrike’s cybersecurity infrastructure plays in national and global security. In the aftermath, Congress has summoned CrowdStrike CEO George Kurtz to provide a detailed explanation of the outage, outlining the causes and the steps being taken to prevent such incidents in the future. The gravity of the situation also prompted the UK government to convene a COBRA meeting to discuss the implications of the outage and coordinate a strategic response. The involvement of both US and UK governments highlights the far-reaching impact of the outage and the urgent need for robust cybersecurity measures.

Stock Turmoil

In the immediate aftermath, CrowdStrike’s stock dropped by over 10% by the close of business on the day of the incident. Unfortunately, this decline was just the beginning. Throughout the remainder of July, the stock continued to tumble, losing more than 30% of its value. To make matters worse, on 30th July, shareholders filed a lawsuit against the company, accusing CrowdStrike of defrauding investors by concealing flaws in their software testing process. All eyes are now on CrowdStrike as they prepare to release their quarterly earnings on 28th August.

Corporations Consider Legal Action

Delta Airlines, one of the businesses most severely impacted by the CrowdStrike outage, has confirmed that they are actively considering legal action against the company. The outage forced Delta to cancel over 5,000 flights, disrupting travel plans for countless passengers and leading to significant operational challenges. The financial toll has been substantial, with the airline reportedly losing around $500 million in compensation to affected customers and lost revenue due to the cancellations. This staggering loss has intensified Delta’s resolve to seek accountability, as they explore their legal options to recover the damages incurred. The situation highlights the broader implications of the outage, which has left major corporations grappling with its fallout and considering legal recourse as a means to address the financial and reputational harm suffered.

Fraudster Exploitation

One of the more sinister impacts of this incident has been the number of fraudsters attempting to take advantage. In the days following the incident, there were reports of fraudsters sending out phishing emails purporting to be CrowdStrike support, as well as phone calls of fraudsters impersonating CrowdStrike staff. These deceptive tactics aim to exploit the confusion and urgency surrounding the incident, further complicating the situation for affected individuals and organisations.

Preventing Future Issues

These kinds of major outages will happen again in future, and it is important for your business to have a plan to help manage the incident and ensure maximum operational capacity, whether your business is directly impacted or not.  It is important that your organisation is resilient to to current and future challenges. At AJC, we can assist you with this, by ensuring that you have a comprehensive and effective business continuity plan.

When was your last independent cyber resiliency review? Is your cyber hygiene as strong as you think? What risks remain, and what change controls are in place? How do you vet third parties? We can help you address these questions and assess the resiliency of your company.

Please contact us on 020 7101 4861 if you think we can help.

In case you missed it...

cyber security measures
Cyberattack Derails TfL: The Urgent Need...

Earlier this week a cyberattack on Transport for London (TfL) left its Oyster card and payment systems compromised, causing widespread...

Read More
scam calls prevention
Tackling the UK’s Scam Calls Epidemic:...

The United Kingdom has Europe's highest fraud call rate at 9.3%, with people frequently targeted by scammers posing as loved...

Read More
ISO 42001
ISO/IEC 42001: A New International Standard...

With the growing impact of AI across industries, robust governance has become essential. ISO/IEC 42001 is a newly established global...

Read More

Get in touch

    By submitting this form you are consenting that your data be handled in accordance with our Privacy Notice and we will be in touch regarding your enquiry.