The flawed update from CrowdStrike Holdings Inc. (NASDAQ:CRWD), which led to a global IT outage, has attracted criticism from a leading U.S. cybersecurity official.
What Happened: In a LinkedIn post on Saturday, Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, labeled the faulty software update as a "serious mistake."
The incident "was a huge deal with serious impacts on critical infrastructure operations across the world," she stated, adding, "While it wasn't malicious, it was a serious mistake, one for which CEO George Kurtz took full responsibility, apologized, and committed to resolving collaboratively,"
She went on to say that disruptions from technology outages or cyber-attacks, are inevitable. Organizations must anticipate and plan for these events, designing resilient systems and training personnel to manage them.
Moreover, governments and critical infrastructure entities must enhance resilience to ensure swift response and recovery, minimizing disruption to essential services, Easterly said.
Why It Matters: The defective update impacted approximately 8.5 million devices globally that run on the Microsoft Corporation's (NASDAQ:MSFT) Windows system.
The update had a profound effect on businesses and governments worldwide, causing disruptions in critical infrastructure operations.
Following the incident, CrowdStrike experienced a significant decline in its stock price. The company is currently assisting affected customers due to a flaw discovered in a specific content update for Windows hosts.