Global IT outage: 'We're deeply sorry', CrowdStrike CEO George Kurtz says
HTML-код
- Опубликовано: 15 окт 2024
- CEO of Crowdstrike George Kurtz delivers an apology after global IT outage disrupts businesses including banks, airlines, train companies, telecommunications companies, TV and radio broadcasters and supermarkets.
Speaking to our partner NBC, Mr Kurtz said 'We're deeply sorry...the global issues were caused by a single faulty content update'.
He added 'That update had a software bug in it and caused an issue with the Microsoft operating system...we identified this very quickly and remediated the issue'.
Read more: news.sky.com/s...
#skynews #crowdstrike #microsoft #uk
SUBSCRIBE to our RUclips channel for more videos: / skynews
Follow us on Twitter: / skynews
Like us on Facebook: / skynews
Follow us on Instagram: / skynews
Follow us on TikTok: / skynews
For more content go to news.sky.com and download our apps: Apple itunes.apple.c... Android play.google.co...
Sky News Daily podcast is available for free here: podfollow.com/...
Sky News videos are now available in Spanish here/Los video de Sky News están disponibles en español aquí: / @skynewsespanol
To enquire about licensing Sky News content, you can find more information here: news.sky.com/i...
The irony of a cybersecurity vendor causing the biggest outage in history.
Yes, plus the companies nowadays wants to cut the costs with IT to increase c-suite bonus and investor dividends. Well… enjoy your cheap IT personnel
Anyone who works in the industry knows that faulty patches, particularly security patches, are notorious for causing these types of issues. What's shocking is that a company with such wide reach and impact has made, what is essentially, a rookie error with this.
No Windows running means no Malware !! Genius folks. Going by Boeing standards, this genius CEO should get 10x Salary increase next year!
Like the credit protection companies getting hacked. Experian
@@3xtropian idiots from within
Guy got a bug caught in his throat too.
😂😂😂 that has madecworld stop
Cmon..😂😂
Haha the stress he's feeling must be ridiculous
It’s not a bug, it’s all the bull💩 he’s about to spew making its way up
That was his conscience trying to crawl out.
Tbh in this day and age. Whoever holds the key to the Internet holds the key to the whole world
problem is internet has no key its been unlocked some decades ago.. its like a free highway.. only way to shutdown it is to shutdown electricity worldwide..
good thing there's no such thing as "key to the internet" :D
I'd be happy if they slowly turned it off and it stayed off.
It won't happen of course in the age of the internet of things & A I.
Losing cash all together to a digal currency is a ticking time bo#b
Sad reality of today's world
@todorkolev7565 if someone can cause all the carnage that happened today by acciden5 because of a bug in a single upgrade imagine what could happen if someone really tried to inflict damage
I don’t think he answered a single question that whole time. He should run for office
This was the same guy that was CTO at MAcafee when they crippled most of the Windows XP computers with a untested rollout.. Two strikes.... Betcha if Trump gets in, he will be offered a job as Secretary of IT.
@@pquodling Head of DARPA
Hes a politician😂
He rightfully choked and needed a glass of water when she asked why all these organizations rely solely on a singular security system. He knows his company just lost its monopolistic hold with all the organizations using his security system. No way the banks and airports will let this happen again as they are losing a ton of money due to this outage. They will introduce redundancy with a different vendor.
In order to be monopolistic, they would have to be the ONLY provider. That's absolutely not the case.
Ok hater
I don't think this is a redundancy issue. The end point can only have one EDR engine (product), either Crowd strike or some other company's products. The issue is with Crowdstrike's testing process. This BSOD issue with Windows operating systems should have caught in their testing process - think they install this update in the Windows testing environment. How could they miss this is beyond my understanding.
@@mcheartwthis could easily happen if they’ve gone the way of so many companies- profits over anything. They probably cut a few testers to save the company *maybe* $200k/year and no one noticed for awhile but eventually it caught up with them 🤷🏼♀️
My Nan has been unable to play Gala Online Bingo since last night. Now she will be forced to find some other way of losing seven hundred pounds in four minutes. 🤢🤢
I’d tell her to go ladbrokes, and play the horsies. But they can’t even take a bet at the minute.
Chaos!😂
😂😂
this is oppression to the highest degree. i find it so offensive that i cant gamble online at the moment, a true hate crime to all us gam/blers
Maybe she could buy some CloudStrike stock? 😂
£700 in 4 mins she'd be in a home! thats your inheritance.
A software bug that flattened worldwide travel. Where is their contingency plan.
The issue is due to it being an agent, so it runs as a background service on all of the backend infrastructure.
That doesn't matter if its the disaster recovery servers or the Production servers.
We had our own redundancy, so managed to get up and running before Crowdstrike fixed the issue but unless they had images of servers pre the Crowdstrike patch then there is very little that can be done.
Absolutely shocking that some of our biggest and most important industries don't have image and time based disaster recovery.
@@jdchsdjhjLinux.
Mac is for creeps
I cannot believe that crowdstrike don’t have a back up system in case something like this happens because the repercussions of not having such a system can be fatal to human life 😮 also I can’t access my bank account right now or withdraw any cash contactless is not working who carry’s cash these days in a digital world I don’t but maybe I should keep a few hundred at home in case something like this happens again
@@TheKoolBeanThe whole point of outsourcing IT is so they don't have to do it themselves. If they wanted to do that then they could just start their own inhouse cloud servers. It's a cost saving measure not an incompetence one.
The blame lies on Microsoft.
@@Logical_spock It's not about CrowdStrike having a backup system (that wouldn't help at all against an issue like this), it's the companies that use their software that each need backups in place to recover from a disaster like this more quickly. There are many servers affected, but there are also many end user devices (the company-owned computers and laptops on employee's desks in offices or at home) which were also affected by this, and if these computers are completely unable to boot up because of a mistake in CrowdStrike's software, the only way to recover these machines is to have someone physically in front of every one of these computers to boot up in "safe mode" and delete the file that is causing the problem. Either that is an IT person physically in front of every computer, or trying to guide non-IT employees to do it, which is not easy.
"It was only the Microsoft OS that was impacted"
What an amazing understatement.
CrowdStrike only tests on Linux, but forgot Windows.
Ha ha
The 5 Linux users are vindicated
The majority of servers that large enterprises use are Linux servers. If they caused the same impact to Linux servers running crowdstrike then the impact would've been 1000x worse.
A lot of lame excuses
I was an IT professional for over 30 years. This should never have happened. There are no excuses. CrowdStrike should have a very rigorous testing programme to ensure that no release is sent out that might cause this kind of failure. Companies like, the airlines, banks and retail services, should test prior to updating their systems. The issue here is that there is a reliance on over-the-air updates that happen automatically, often overnight, that the effected companies generally have little control over as the software is third party. No one sees the problem until business starts in the morning and by then it is too late to fix it before customers are affected. This must change. Government legislation should be brough in to prevent it and make directors financially liable.
Agreed, there is absolutely no excuse, they need to look at how this got past QA
I’m IT too,
Tell me if I’m crazy but did he lie here, 0:15 he says rebooting system fixes issue, but, it doesn’t for 1,
And for 2, because it’s causing bluescreens they can’t push any updates, so IT teams are going have to manually delete the .sys file, I don’t see how they can push an update to fix that, thousands and thousands of PCs will need manual fixes
And here I was thinking that
chat gpt would replace me, no way can we trust end users to use cli to go in and delete a file from system32 no matter how easy the fix is lmao.
@@grumblewoof4721 Then it was deliberate.
I've been in IT since the 90's and tech well before that as a crazy teenager. I recently retired because the crisis of competence in IT and many industries gets worse and worse almost by the week. The thought of picking myself up and using what days I have left ahead of me to deal with this nonsense on a daily basis solidified my decision.
Agreed, no sandbox, no limited release to test developers assumptions and no roll-back-plan. IT "planning" from the 1980s !
The complexity of security, my *ss. He just didn't test the updated software before releasing it.
They were so confident with their programmers and never thought of bugs.
I think 'he' doesn't do the testing - its a billion dollar operation ... ha ha
@@7415_Gamer unless if there was burnt out programmer or quick releases in short duration.
The arrogance needed to do that
I would imagine the hackers after learning this are trying to find out how they can duplicate this again.
Imagine the the law suits.....
This CEO will get a million $$$ package and bonuses anyway. So, that lawsuit means nothing to these c-level folks.
@dscrac1086
Well They Are Called Crowed Strike So Thats What They Caused LOL 🤣😂
@@dscrac1086 Nah. Stock tanked so shareholders will not be happy. It's a public company so there's a lot of investors involved.
@@cadejust6777 a strike against the crowd 🤣... it seems they get what they paid for
What law suits lol technology will always experience bugs just like rockets and cars and humans and the companies should have back up too so u could blame the government like with the NHS for not having a back up systems in the NHS and not have to just depend on one company to do everything
Its almost as if running the world's digital infrastructure off of one operating system is a bad idea....
Imagine running the world in multiple operating systems that barely talk to each other.
@@josealexander9794 safer
@@josealexander9794 That's better for security and stability
@@dbsiriussecurity but not stability
@@How_To_Play1phone systems already do that.
Don't put all your eggs in one basket
Interesting to see how businesses decide to think about decentralising systems if at all
- lots of businesses moving to a single platform play
- overall reduction in IT costs
They don't learn a big lesson with CN. They put all their eggs in CN, but still refuse to learn huge mistake.
i only have two and they are in a bag
Another example of the downside of a monopoly.
and this is why we must ALWAYS HAVE ACCESS TO ‼️‼️ C-A-S-H ‼️‼️
Agree
@@poppawhoppaoz2480 100% correct.
Bringing new meaning to the word Crowdstrike - "The airport systems have been crowdstruck."
Crowd strike… The irony here is wild.
LIAR - there was NO phased rollout
CEO did this exact same thing in 2010 as CTO of McAfee
Who would authorize a blitz rollout like this? Insane.
A Canary deployment and a slow monitored rollout is vital when updating critical systems.
Total incompetence.
So the Y2k bug is 24 years late.
Lol!
It's so weaselly of him to try to pass the buck on to Microsoft for this one. The systems were apparently working OK before they applied their update. But everyone's heard of Microsoft, only people in the industry have heard of Crowdstrike, so people will assume it's a Microsoft problem. It's so ironic that the security software provider managed to cause the problem that their product is intended to prevent.
To be fair, if a 3rd party software can so easily bring down Microsoft Operating system to its knee, Microsoft also have something to answer for.
I don’t think here he blamed windows, he blamed an interaction sure, but it’s the media and news sites that are naking stories saying “Windows is broken”
@@bl1204 Security software, by its very nature, has to bury itself deep into the operating system, at the kernel level. That's now it can stop malicious software such as viruses and malware before it has the chance to make changes to your operating system or data. That's also the reason why they should have a testing regime that tests against all flavours and patch levels of all the operating systems they support. This wasn't just some outlier case, this was a total failure of the quality assurance process. It's an epic fail, and someone is getting fired for not doing their job properly.
I don't understand. What is this guy doing?? Admitting guilt, taking ownership. It's actually refreshing, maybe there is hope for us. I'm not taking away from the outage but we are a resilient species and we'll be fine.
Admitting fault and taking ownership doesn’t bring the friggin world back online.
Cash was king again
and always will be
bitcoin also unaffected, ofcourse
@@dyztructivebitcoin is entirely digital. I don't know if this specific incident affected bitcoin, but remember bitcoin is entirely at the mercy of the internet.
So why was the software not tested prior to installing into a live environment. These people are a bunch of clowns . It’s nothing to do with complexity it hasn’t been tested.
Crowdstrike takes test in production to a whole new level.
4 years ago my dog figured this out:
ruclips.net/video/lBRs2v9YUmI/видео.htmlsi=NXq5toxlPp06NVP4
Protest the Cashless society!
So what they're telling us is that they dont have integration testing. A bug like this should have and would have been picked up by testing prior to release. And on a friday as well?!
This is shocking negligence. I'm not surprised he's stumbling over his words, it has impacted systems all over the world, and many people will lose their jobs over this.
$21 billion off the company value so far ... and falling. He's going to need a stronger drink than water.
LOL!
Ill be surprised if theres anything left of it
Hemlock might be his new flavor.
This is not a weird interaction, it's simple: Companies like this loath to spend any money on testing anything, it's all about delivery.
Why wasn’t it tested before release?
@Nigelfarij They're not blaming testers. They're blaming management for not having it thoroughly tested before release.
@Nigelfarij Crowdstrike works in squads so each individual product/tribe will have developers, QA's and BA's i couldn't agree more to blame testers/QA is such a cop out.
Developers get the requirements, SRE should be integrating monitoring, QA's should be testing everything the devs, and SRE have done, they can only test what they have been told has changed.
The real issue is management allowing anything out the door to production without full regression testing, staged updates through none production to test and then finally without a proper CI/CD pipeline to track change.
I work in Engineering and QA testing. Sometimes we have an update that works perfectly in our development and testing environments, which are built to represent the production environment minus some systems we just can't replicate. Then we send to production and it completely trashes everything. It usually boils down to some sort of configuration difference between production and testing. Ideally, production would roll out in batches to catch these issues, but that doesn't always happen. IT is complex and there's a lot of moving parts. If it's a critical issue or update, then it gets pushed fast and has a risk of these sorts of errors occurring.
The test has been cmopleted today🐒
@@MrNaesme AMEN!
A lot of people are being VERY critical of the CrowdStrike CEO, but he did have the balls to apologize for the outage that they caused. Many CEOs would deflect and deny until either everyone forgets about the problem or they get removed from their position (much like the head of the Secret Service is deflecting and denying.)
"We're sorry "
"Sorry "
We're very sorry *rub rub "
😂😂😂
...."Sooooooorryyy" 🥺🥹
The update needs to be updated as it is clearly out of date...
just deploy that update, no need for testing, a few minutes later....
Me, watching from the airport.
I blame the companies for relying on a single point of failure
Agreed. IT 101 says don't apply updates to all of your critical infrastructure at the same time. The impacted companies need to take some of the responsibility.
Because companies don't spend money on redundancy, they arent Space travel.
And they won't after this either
And why should cars have seat belts and airbags. Oh that redundancy. Where art thou redundancy, thou most unattainable redundancy.
I am thankful that internet servers run on linux and that has allowed us to stay connected on mobile as well
I know businesses that have lost money today as they couldn’t take bank card payments. Naturally the potential customers walked-off never to return. I bet the business still has its bills and operating costs to pay.
On the upside, it won't be able to pay those bills or operating costs because of Crowd Strike. :)
hospitals were shutdown, people likely died as a result.
I worked in IT for nearly 35 yrs and don't know what a 'content update' is. It's those reminders to run the latest update? I NEVER update the first time I get that notice. I wait weeks to see how stable the update is. I also set a preference to NOT automatically run the update. I only update manually.
Maybe a new blogpost!😂😂😂
The lads too embarrassed to say software update..
Updates should be applied immediately because they could well prevent a zero-day malware from taking hold...
@@Ray_of_Light62 Ironic when a zero day exploit probably wouldn't have caused anywhere near the chaos that this update did.
They run these updates daily in relation to virus probe spike algorithms - its an awful industry to work in and hugely pressurised
He should be more sorry for that haircut
LMAO!
😂
I remember back in past we used to test things before deployment.
They probably use AI.
@01:15 poor guy choking just thinking about the billions of lost market cap 😂
Bro. What would McAfee say to this?
Cash is king.
No Windows running means no Malware !! Genius folks. Going by Boeing standards, this genius CEO should get 10x Salary increase next year!
How come they sent an update without testing it firstly?
I'm sure we haven't heard the full story yet. I wouldn't be surprised if it actually was a malicious act, possibly by a CrowdStrike employee.
@@gerardopc1 There should not even exist a procedure for a global update rollout. All updates must be staged. If they had a way to roll out an update to all clients at once, they already failed and must be punished.
Point over is, why there is no security check on updates/patches at customers machines end before receiving it ? (like big giant Microsoft). And why there is no test machines to check security patch updates before goes live to outside world ? Its not a small bug, its a big failure to Microsoft Security
This has cost billions worldwide.
and likely many lives, hospitals are shutdown
i would have a hard time trusting anyone with cybersecurity if they had a hair style like that
HOY NO SE TRABAJA , GRACIAS PAPI
Russia and China doesn't have this issue as they no longer (on any great scale) use U.S. tech companies on the grounds of national security.
He malfunctioned… they’re letting us know . This poor guy is definitely a scapegoat I feel bad for him
Have they tried turning it off and turning it back on again?
🤣
That happened to me, and I got BSOD.
That was practically the fix actually.
As a former Electronics Tech. I got a good laugh from your comment , thanks .
Check to see if the keyboard is plugged in.
How about apologising to the IT staff who have to fix the mess your parching did?
He is honest about it. There will always be bugs. The problem is everyone using the same systems, it is monopolies taking over, it is singular point reliance. Keep cash and stocks of food... this will happen more and more as they introduce AI.
Everyone isn't using the same systems though. There are a large number of vendors providing the type of software that crowdstrike do.
Without cyber attack these guys brought down systems the world over. They had pushed the updates too quickly without proper QA testing. By the time the fix is rolled out and employed the hackers are going to have a field day. Now we have Windows OS for laptop/pc/workstations and Android OS for mobile phones used by 90% of population. So now imagine if a hacker finds out a vulnerability unnoticed by the vendors almost the entire world would be at his/her mercy.
they are staying one step ahead of their adversaries by causing mayhem themselves so the hackers can just sit-back and enjoy
Even my dog figured our that Crowdstrike was crooked.
ruclips.net/video/lBRs2v9YUmI/видео.htmlsi=NXq5toxlPp06NVP4
Risk analysis. Contingency planning. Does anyone in IT know what these mean? How many other systems are in production that can bring down hospitals and airports across the globe? Does anyone know? I doubt it.
Testing prior to implementing changes are crucial
Imagine using a US company to provide your IT 'security' services 😂
@@zerobytey because people are unbelievably dim.
@@zerobytey I get it, but this is critical public infrastructure with big money and the ones who work here must not be morons.
That guy will declare bankruptcy to avoid being sued for trillions and trillions
We are suffering from an issue of rampant incompetence
I was in software engineering for 25 years. These kind of problems lay at the foot of management. In most cases I saw that management did not institute thorough testing of software prior to release into a production environment. The majority of managers do not have the background, understanding or strength of character to produce well tested software. This is just the tip of the iceberg.
Its not a bug, its a feature.
It's agile.
All the focus is on group hugs and team spirit instead of robust plan with proper quality checks
@@hannacook859tbf every time I've ever worked anywhere that implemented agile, it just destroyed team spirit and made everyone stressed out.
It always feels like one of those things senior management implement to make it look as if they're trying to do something radical. When in reality they're just making everyone miserable.
Needs more cowbell.
A bug and an issue....well that's the type of technical language that gives me confidence things are under control😂
ha ha ha
Their content updates that were supposed to help identify the latest cyberattack became the attack itself? This is what I understood.
Sofware updates is the reason I got out of IT 5 years ago. I'd go to a client and fix their problem, then get a call a week or two later saying it's back.
This is why Apple, Facebook, Microsoft all rollout updates/features in phases to a small subset of users
Yep, that 3 major tech companies who makes popular OS used by the world combined, always does this. Windows who got the huge userbase with diverse of hardware to support, dont push Windows Updatws to all billion Windows PCs all at once. I dont even think MS Update Servers can even do that anyways.
This is why when there is new Windows Update and found out it causes issues, it only affect few batches of PCs and MS will even hold out the update if found massive bug from the update.
The real Q is: How deep is your pocket book after messing up?🤔💰💰💰💰💰😅🤣😂
Do they not test before rolling out to production?
He's very calm considering his company is in the frame. I
Grift company.
It show again and again how much we dependent to "system" when 1 small mistake, capable to cripple global. And we still did not learn about diversity, resiliency and contingency
Question is, why was the update not ran in a staging environment before being pushed to each companies real computers.
Good question. They obviously don't have integration testing. This is shocking negligence.
They should have given a dry run first on their own local system before going global.
This was bullshit. A propaganda piece. They didnt challenge him at all on this debacle. The update looked like 00000000000000000000000 like deliberate spam to cause a crash. Watch as they get away with it.
Say No to cashless society and digital id !!!
"QA is pointless. Just push out the update. We can have customers test for free. It's cheaper this way."
Too reliant on software update roll outs and not enough testing before roll out!
It sounds like their update was allowed out without being tested, which is not great. I remain to be convinced that their failure wasn't the result of nefarious actions.
Ironically the media has let everyone know globally what institutions, governments, companies etc use a windows/crowdstrike combo
What a bunch of clowns! Remember the expression ’Don’t put all your eggs in one basket’.
(It been along night) what about the people in hospital waiting to have operation, the people waiting to get on flight, people tryiny to get money from banks or pay for their goods
People calling emergency services yet not connecting. The sheer amount of lawsuits coming crowdstrikes way, its no wonder everyone is desperate to sell their stock.
Bro became Firecracker for a moment there 😭
Imagine being head of QA at CrowdStrike, or maybe they don't have one.
Sure they are using AI .. hope they have learned their lesson!
I like the way he put gel in his hair before appearing on camera. Totally knows what his priorities are.
Best comment. If I had the problem he has at present, I don't think I would put gel in my hair and make stand up into a point like that. It takes away from his gravitas. How mature is a man who does that to his hair? Surely he can see himself in the mirror?
@@jenniferpierno6108 He's one of those emo tech bros. I bet he talks a good game.
Thanks for noticing everybody. I was going to start a comment like this. Likely would’ve been deleted. Who takes people like this seriously … as a CEO no less.
Have they tried turning it off and on again?
Microsoft is so awesome, we should rely on them more!
Testing is not your forte apparently
Well, they certainly lived up to their name, Crowd-Strike!
"ONLY Microsoft operating system that was impacted ..."
Yeah well in big industries, not that many people use Windows anymore, so that statement is correct.
That is the problem with software engineers. They are so convinced of their own ability, that they often release poorly tested code which can create the problems seen today. It will cost their company a great deal of money.
There is a certain group of them that are especially bad
They probably use AI
i would like to thank him for "thanks for reminding us how the world dependent on one big tech giant (microsoft). now we need to break their domination."
Rip to whoever prepared and planned this upgrade (during nwh on a Friday) 😅
When everything resides on the 'cloud' it's going to be catastrophic. This is just a small taste of what is to come. Technology is great...when it works.
Kurtz has proven to be a stand up CEO, and CrowdStrike is a stellar company. I don’t think it’s competitors are anywhere equal to them. I do think it’s a one-off an time to look at Global Technology as fallible even at its best and our reliance on it. More will be revealed in the upcoming Congressional hearings on the matter, but do not villainize someone who stands up and is truthful!!!
It's frustrating that a single bug caused such a massive outage! To put it in perspective, the term "bug" in computing history comes from an incident where an actual bug caused a malfunction in a computer that was the size of a football stadium.
Given that, why wasn't there any redundancy in place? It feels absurd, like suggesting everyone should have two computers or operating systems just in case.
The key takeaway is that when we rely heavily on software and hardware for everything, we should expect and plan for these kinds of issues.
This company should be forced to reorganize under new management.
There is no way to get out of this with an apology.
😂😂 we’re sorry 😂😂 bro got disrupted on his yacht 😂😂
Reminds me of Big Oil on southpark apologizing for mass spilling lol