The American cybersecurity company CrowdStrike is one of the best-known companies in the cybersecurity field, with a portfolio of over 20,000 clients worldwide. CrowdStrike Holdings, based in Austin, Texas, has participated in the investigations of several prominent cyberattacks, including the breach of Sony Pictures in 2014 and the cyberattacks on the Democratic National Committee (DNC) in 2015-2016, which involved the 2016 DNC email leak.
CrowdStrike was co-founded in 2011 by George Kurtz (CEO), Dmitri Alperovitch (former CTO), and Gregg Marston (CFO, retired). In 2012, CrowdStrike hired Shawn Henry, a former FBI official.
In May 2014, CrowdStrike assisted the U.S. Department of Justice in indicting five Chinese military hackers for economic espionage against American companies. CrowdStrike also revealed the activities of Energetic Bear, a group linked to the Russian Federation that conducted intelligence operations against global targets, primarily in the energy sector.
After the breach of Sony Pictures, CrowdStrike disclosed evidence of North Korean government involvement and demonstrated how the attack was executed. In 2014, CrowdStrike played a role in identifying members of Putter Panda, a state-sponsored Chinese hacker group also known as PLA Unit 61486.
In July 2015, Google invested in a funding round, which was followed by a series of further funding rounds leading to the company's listing on the NASDAQ in 2019. By 2017, the company's valuation had surpassed $1 billion, with an estimated annual revenue of $100 million. In June 2018, the company stated that its valuation was over $3 billion.
### Recent Incident
The company's name gained significant attention recently after a global technical malfunction disrupted operations across many industries on Friday, leading to flight cancellations and forcing several media outlets to halt live broadcasts. The disruption affected all areas, including banking services and healthcare systems.
### What Happened?
According to an alert sent by CrowdStrike to its clients, the widely used Falcon sensor software was causing Windows systems to crash with the blue error screen known as the "blue screen of death."
The alert, sent at 05:30 GMT on Friday, included guidelines for manually resolving the issue. As reported by media, Omer Grossman, Chief Information Officer at the identity security company CyberArk, stated that the damage to business operations globally was immense and resulted from an update to CrowdStrike's Endpoint Detection and Response (EDR) product, which cybersecurity firms install on their clients' computers to protect them from hackers.
This software, which operates in the background on client machines, or endpoints, is used by cybersecurity companies to monitor their clients' networks for signs of attack. Grossman also noted that because the endpoints had failed (blue screen of death), it became clear that they could not be updated remotely and that the issue needed to be resolved manually, one endpoint at a time, a process expected to take several days.