Today, on July 19, the whole world faced a global IT failure that affected communications, emergency services, flights, and the work of financial institutions. The cause was problems with the interaction between the Crowdstrike antivirus and Windows, UNN reports.
CrowdStrike
CrowdStrike is the world leader in endpoint security - that's how the US-based company presents itself.
CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Sunnyvale, California.
In addition to endpoint protection, the company also works in the field of threat intelligence and provides cyber attack response services.
CrowdStrike was founded by George Kurtz (CEO), Dmitry Alperovitch, and Gregg Marston in 2011. The company is called a unicorn startup, as it reached a capitalization of $1 billion by 2017.
"The success was brought by an alternative approach to IT security that was fundamentally different from what was prevailing at the time. The company created the first cloud-based security platform, which is a revolutionary endpoint security technology offered as a SaaS (software as a service) solution for businesses. The user receives a subscription license and access to the programs. The level of reliability of this software can be judged at least by the fact that CrowdStrike is used by 5 of the world's 10 largest financial institutions," the company's distributors write.
The company's website states that it provides technology solutions for small businesses, election security, state and local governments, as well as the US federal government, healthcare, education, financial services, and trade.
Judging by the disruptions that have spread around the world, the company's products are also used at airports, as well as in the communications and logistics sectors.
"The company's core solution, the CrowdStrike Falcon platform, is the industry's first cloud-based solution that protects endpoints by combining next-generation antivirus, EDR (endpoint detection and response), and a 24/7 managed search service. All of this is available through a single agent on the client device.
Falcon is powered by artificial intelligence (AI) and combines technology, intelligence, and experience into one simple solution that reliably stops any threat. The platform delivers real-time protection in minutes, and its efficient AI algorithms allow you to see results from the first day of use. The cloud infrastructure and architecture eliminate the complexity of working with different applications, provide manageability and speed of solution," the company's main product description says.
CrowdStrike and cybersecurity
In addition to solutions and protection, as we mentioned above, CrowdStrike is involved in investigating and preventing cyberattacks.
For example, the company participated in the investigation of the 2014 attack on Sony Pictures and found evidence of North Korean involvement in the attack. The company's experts were also able to demonstrate how the attack was carried out. In 2014, CrowdStrike played an important role in identifying the members of Putter Panda, a group of hackers funded by China.
In May 2014, CrowdStrike's reports helped the U.S. Department of Justice to substantiate the indictment of five Chinese military hackers for economic espionage against U.S. corporations. The company's experts also uncovered the activities of Energetic Bear, a Russian-linked group that conducted intelligence and espionage on a global scale, primarily against energy sector companies.
The company's representatives were also involved in the investigation of many cases of personal data leaks, as well as in the investigation of the hacking of the US Democrats' email service.
CrowdStrike and Ukraine
In December 2016, CrowdStrike published a report stating that the Russian government group Fancy Bear had hacked into the Ukrainian artillery program. The conclusions of the experts were quite harsh - Russian hackers could have caused great damage to Ukrainian artillery. However, the International Institute for Strategic Studies and the Ministry of Defense of Ukraine disagreed with these conclusions. The Ministry of Defense stated that the actual losses were less and were not related to the hacker attack.
Open sources also say that Ukraine was the first post-Soviet country to use CrowdStrike products. And in 2020, Ukraine became the leader in the use of the company's products among the countries of Central and Eastern Europe.
Today's events have demonstrated that the failure has affected , including Nova Poshta, Monobank, Sense Bank, and Vodafone.