Omdia’s Post

Omdia #cybersecurity experts have provided some initial commentary on the impacts from today's #IT #Outage. Watch this space for more as the situation unfolds.

Since Omdia cyber analysts got to their desks this morning, 19 July, news has been flooding in about major IT outages the world over. Everything from ports, airports, banks, retail outlets, trains, emergency services, media companies, the UK’s National Health Service (NHS) and more have reported an inability to operate normally, with some more affected than others. The common thread? Machines running Windows 10 have been bricked en masse. In the few hours since this crisis began, it appears that a software update has triggered this global IT meltdown. The infamous "Blue Screen of Death" (BSoD) allegedly followed a software update by cybersecurity vendor CrowdStrike on their Falcon agent. Amid the chaos, conflicting reports are emerging. Some sources, including Microsoft, suggest the Windows 10 issue might be separate from the CrowdStrike fiasco. However, no concrete confirmation has been provided yet. In the desperate scramble for solutions, a supposed fix is making rounds in tech forums: booting in Safe Mode, navigating to the CrowdStrike directory, and deleting the file C-00000291*.sys. This fix remains unverified by Omdia. All eyes are now on CrowdStrike and Microsoft. The stakes couldn't be higher. CrowdStrike, deeply embedded in enterprise cybersecurity, faces an existential threat if this update is confirmed to be the root cause. Unlike other vendors, removing CrowdStrike from the security stack is not a simple task; it’s a massive project fraught with complexities. The question looms: Could CrowdStrike actually fail? The vendor's entrenchment in enterprise cybersecurity might not be enough to withstand the fallout if they are indeed responsible for this unprecedented global outage. Microsoft, despite its involvement, is unlikely to face the same existential threat. Its entrenchment in IT and security infrastructures across the globe makes it almost invincible. But the scrutiny and backlash will undoubtedly be intense. As the situation unfolds, the tech world watches with bated breath, bracing for the impact of what could be the most significant IT crisis of the decade. More to come from Omdia as the situation develops! Rik Turner Jonathan Ong Hollie Hennessy Don Tait Adam Etherington

Ports, airports, banks, retail outlets, trains, emergency services, media companies, and the UK’s NHS continue to be severely impacted by widespread IT outages. Omdia's Maxine Holt and team are continuing to be across the key factors at play as the #tech world watches this #crisis unfold. Follow Maxine for the very latest from Omdia's #cybersecurity group as this story, its implications and responses develop. And be sure to join Maxine and the Omdia cybersecurity team at their one-day summit at Black Hat USA on August 6, unpacking existing #security platforms, where they are evolving and how to manage risk effectively within your organization.

Good post from Maxine Holt from Omdia explaining clearly today's CrowdStrike meltdown. Omdia has a great security team with a good reach. My POV: global is an imperative for analyst relations, every security vendor should have a programme which includes local and specialist firms. Give us a call if you'd like to discuss on to get on their radar. #ARchat #cybersecurity

It takes malicious adversaries an average of 62 minutes to bring your business down, warns the CrowdStrike website. In the event, the cyber security company trusted to protect 29,000 clients from hackers managed to bring down a huge chunk of global enterprise itself. The culprit appears to be a single faulty content update that it pushed on its Falcon Sensor product to Microsoft users worldwide.  It is not clear how many customers, exactly, are at present stuck staring at a “blue screen of death”. It seems to be a global phenomenon, with businesses in Asia, Europe and the US reporting issues. The fallout appears to span large swaths of the world economy, affecting airlines, trains, banks, broadcasters and almost everything else besides. The companies involved say they have deployed a fix. But initial reports suggested the process is both manual and complex, meaning that bringing crashed PCs back online may be a laborious process. The companies involved will, of course, take a hit. Such a widespread failure will, at the very least, raise serious questions about quality control and internal testing processes. That should spook customers. The stock looks vulnerable, too. CrowdStrike has been growing rapidly, more than doubling its market capitalisation over the past 12 months to $83.5bn. The company’s shares opened down 9.5 percent on Friday. Other companies, operating on a similar business model, may also be affected. Clients will be alive to the risk of outsourcing such mission-critical functions to third parties — especially ones that can automatically push updates on to client systems. One result may well be the expansion of internal IT teams. Another should be seeking a greater range of suppliers across software and other security applications. The incident will exacerbate concerns about concentration risk in the cyber security industry. Just 15 companies worldwide account for 62 per cent of the market in cyber security products and services, according to SecurityScorecard. In modern endpoint security, the business of securing PCs, laptops and other devices, the problem is worse: three companies, with Microsoft and CrowdStrike by far the largest, controlled half the market last year, according to IDC. #cyber #vulnerable #internet #security #risk

Concern and chaos globally today on what is already being considered the worst IT outage in history The situation is continuously evolving and it is important of follow updates and information from trusted sources to avoid the usual misinformation spreading with such events. Here are a few articles from trusted sources outlining what has happened so far and why: 🔴 BBC News: Crowdstrike says IT problems will take time to fix https://lnkd.in/g_QSgBjz 🔴 Financial Times: What caused the huge global IT outage https://lnkd.in/g_tuDc7t 🔴 Sky News: Global IT outages latest: Security firm CrowdStrike rules out cyber attack as world copes with tech 'disaster'  https://lnkd.in/g-VHjM_j 🔴 New York Times: What caused such a widespread tech meltdown? https://lnkd.in/gyH-TdhN 🔴 Forbes: CrowdStrike Windows Outage—What Happened And What To Do Next  https://lnkd.in/gpQF9f94 🔴 Reuters: What caused the global cyber outage? https://lnkd.in/gV-v8zTp 

💻 For anyone who's #computer isn't down and can still see this, check out this great article from my colleague Amber Jackson 👉 She takes a deep dive into the current Global #ITOutage the world woke up to find itself experiencing ❗ Find out just exactly how big the #IT #disruption is, who is being effected and what #industry experts are saying about it ❗

🚨 Is Your Business Ready for the Unforeseen? 🚨 The recent chaos caused by a faulty CrowdStrike software update, impacting 8.5 million Microsoft devices, serves as a stark reminder of the vulnerabilities in our digital age. This incident disrupted operations across various sectors, including airlines, healthcare, and financial services, highlighting the interconnected nature of modern business. What Does This Mean for Your Business? 🔍 Enhanced Monitoring and Testing: Ensure all software updates undergo rigorous testing and validation to prevent unexpected failures. Regularly monitor systems for vulnerabilities. 🛡️ Robust Contingency Plans: Develop comprehensive plans to maintain operational continuity in the face of system disruptions. Prepare for swift crisis management. 🔄 Scrutinize Service Providers: Closely manage and evaluate the cybersecurity protocols of your service providers to minimize risks from third-party solutions. 💼 Legal and Financial Safeguards: Enhance insurance coverage and legal strategies to mitigate potential risks from operational disruptions and customer claims. 📚 Employee Vigilance: Educate employees on the latest cyber threats, including phishing scams, to strengthen your first line of defense against cybercriminals. This incident underscores the need for businesses to adopt a proactive cybersecurity strategy. Learn more about protecting your business from such vulnerabilities in our full blog post. Read the full article on our blog now! https://lnkd.in/djDnB_te

A faulty security update from cybersecurity firm CrowdStrike caused a massive global IT outage, impacting 8.5 million Microsoft Windows computers and severely disrupting businesses, banks, hospitals and airlines. This incident, one of the worst in IT history, has highlighted the fragility of global computer networks. Despite the company's efforts to restore systems and issue a new fix, the outage underscored the vulnerability created by dependency on a few key cybersecurity firms. While China remained largely unaffected due to limited use of CrowdStrike and Microsoft, the outage stressed the critical need for robust and resilient IT infrastructures. Related link: CrowdStrike issue causes major outage affecting businesses around the world - https://lnkd.in/eAqn2ugk Kashnie Naidoo Charlotte Gamede Krishna Govender

🚨Global Crisis: Faulty CrowdStrike Update Causes Widespread System Outages! 🔴 Organizations worldwide are experiencing major outages due to a problematic update from cybersecurity giant CrowdStrike (NASDAQ: CRWD). Reports indicate that a recent update to CrowdStrike's Falcon sensor is causing Windows hosts to enter a Blue Screen of Death (BSOD) loop, rendering devices inoperable. 🔴CrowdStrike has launched an investigation and is working to revert the changes that may have caused the issue. CEO George Kurtz stated on the social media platform X that the problem is due to a “defect found in a single content update for Windows hosts,” emphasizing that Mac and Linux hosts are unaffected. He reassured users that this was not a security incident or cyberattack and that a fix had been deployed. 🔵 A recommended workaround involves booting affected systems in Safe Mode and deleting a specific CrowdStrike component. 🔴The issue has resulted in significant outages across various sectors, including airports, banks, media outlets, and hospitals. Some incidents appear to be mixed with a separate Microsoft cloud service outage, which has been resolved. However, the primary disruptions are attributed to the CrowdStrike update. American Airlines, for instance, reported flight delays due to the issue, citing a “technical issue with CrowdStrike. 🔴 Google Cloud reported incidents affecting its Compute Engine. They noted that "Windows VMs using Crowdstrike's csagent.sys are crashing and going into unexpected reboot." 🔴Cybersecurity experts highlighted the massive impact of the CrowdStrike issue, describing it as potentially the biggest global IT incident ever in terms of impact. they emphasized that the outage was due to CrowdStrike, not Microsoft. 🔴CrowdStrike’s shares have fallen approximately 20% in pre-market trading following the incident. #CrowdStrike #CyberSecurity #ITResilience #BusinessContinuity #CyberIncident #CloudComputing #WindowsUpdate #CyberAttack