Responding to the CrowdStrike Outage: Implications for Cyber and Technology Professionals

Responding to the CrowdStrike Outage: Implications for Cyber and Technology Professionals
Cyber Labs

08 of 20

This insight is part 08 of 20 in this Collection.

July 19, 2024 3 mins

Responding to the CrowdStrike Outage: Implications for Cyber and Technology Professionals

This client alert provides an overview of the current global IT outage that is related to a CrowdStrike update. We provide an overview of CrowdStrike's response and guidance, and Aon Cyber Solutions' recommendations for affected clients.

This alert describes a quickly changing situation. The information contained herein is based on publicly available information believed to be accurate at the time of publishing, Aon has not verified such information independently,  and cannot guarantee  the accuracy, adequacy, completeness of such information. Aon accepts no liability for any loss incurred in any way whatsoever by any person who may rely on it, and any recipient shall be entirely responsible for the use to which it puts this information. The information contained herein and the statements expressed are of a general nature and are not intended to address the circumstances of any particular individual or entity and we recommend seeking appropriate professional advice to address a specific situation.

Overview of the Current Situation

On July 19, 2024, many organizations around the world experienced an outage following a recent update of the CrowdStrike solution. The Falcon Sensor on Windows platforms is the only known component to be affected. At the time of writing, the outage has led to boot issues on affected systems. Based on public reporting to date, there is no evidence to suggest that this situation is the result of an external compromise.

CrowdStrike Response and Guidance

In response to the outage, CrowdStrike has published a technical alert on their customer portal containing up to date information about the issue, steps being taken to resolve it, and guidance for affected users. We encourage all affected users to refer to this resource to assist with restoring functionality to their Windows systems.

Aon Cyber Solutions Recommendations

Based on the information available at the time of publication, the following steps may assist organizations impacted by this outage:

1. Apply Mitigation Steps:

We understand that current guidance is to reboot affected hosts. If a reboot is not successful, CrowdStrike have released guidance on steps that should be taken to manually remove specific system files. Customers should regularly check CrowdStrike's customer portal and their official communication channels for the latest updates and instructions. It is important to note that BitLocker recovery keys and administrative passwords may be required to enact changes on affected systems, so ensure that these are backed up and readily accessible.

2. Monitor Systems:

Continuously monitor the performance and stability of your systems after applying the fix. Report any anomalies to CrowdStrike support immediately.

3. Contact Cyber Insurance Brokerage to Discuss Notification:

Impacted clients should contact their cyber insurance broker to discuss potential impact. The facts and circumstances of a particular company's situation will impact how coverage might apply to the event, and your brokers should be well positioned to assist with navigating notification requirements and potential support.

4. Long Term Considerations:

This event highlights the need for organizations to have business continuity and disaster recovery systems and plans to minimise downtime. Those systems and plans should also be regularly tested. Organizations should review their backup regime to ensure data is protected and can be restored in similar incidents.

Conclusion

The current outage affecting CrowdStrike users is a reminder of the dynamic nature of cybersecurity and the importance of robust incident response protocols. While the situation is still ongoing, the swift actions taken by CrowdStrike and the collaborative efforts of the cybersecurity community highlight the resilience and adaptability necessary to manage such events.

Aon Cyber Solutions remains committed to providing support and guidance during this time. We will continue to monitor the situation closely and provide updates as more information becomes available.

If you are experiencing a cyber incident, please contact our cyber response teams for urgent breach assistance using the details listed here - https://www.aon.com/en/capabilities/cyber-resilience/cyber-breach-assistance. For all other enquiries, please contact us via the general enquiries section on that page.

About Cyber Solutions:

Aon’s Cyber Solutions offers holistic cyber risk management, unsurpassed investigative skills, and proprietary technologies to help clients uncover and quantify cyber risks, protect critical assets, and recover from cyber incidents.

General Disclaimer

This document is not intended to address any specific situation or to provide legal, regulatory, financial, or other advice. While care has been taken in the production of this document, Aon does not warrant, represent or guarantee the accuracy, adequacy, completeness or fitness for any purpose of the document or any part of it and can accept no liability for any loss incurred in any way by any person who may rely on it. Any recipient shall be responsible for the use to which it puts this document. This document has been compiled using information available to us up to its date of publication and is subject to any qualifications made in the document.

Terms of Use

The contents herein may not be reproduced, reused, reprinted or redistributed without the expressed written consent of Aon, unless otherwise authorized by Aon. To use information contained herein, please write to our team.