Major Tech Outage- CrowdStrike Disrupts Businesses Worldwide

Written By Marcom ITSM.SG

On July 18, 2024, a widespread tech outage affected numerous businesses globally, including in Singapore. The issue stemmed from an update to CrowdStrike's Falcon sensor, causing BSOD (Blue Screen of Death) errors on Windows systems. Key sectors like airlines, banks, and media companies experienced significant disruptions.

Here’s a guide to mitigate the issue and ensure your business is protected against future incidents.

Remediation to Fix the BSOD Issue

  1. Boot into Safe Mode:
    • Restart your PC and press the key (such as F8, F2, F12, or Delete) that opens the Advanced Boot Options menu specific to your BIOS. Refer to your computer’s manual for the exact key if needed.
    • Select "Safe Mode" and press Enter.
  2. Delete the Problematic File:
    • Open Command Prompt with administrative privileges.
    • Navigate to the CrowdStrike directory using:
      • cd "C:\Windows\System32\drivers\CrowdStrike"
    • Identify the problematic file:
      • dir "C-00000291*.sys"
    • Delete the identified file:
      • del "C-00000291abc.sys"
  3. Reboot Normally:
    • Restart your PC to boot normally.

The unofficial way…

ren "c:\windows\System32\drivers\CrowdStrike CrowdStrike_broken"

This command will rename the "CrowdStrike" directory to "CrowdStrike_broken," effectively making it appear missing to the system.

By doing so, CrowdStrike will automatically download the latest copy of the necessary files, which should now include the fixed version that resolves the BSOD issue.

Seems Pretty Straightforward. But is it really this case?

Now, it may seem straightforward to fix this issue by following the steps outlined above. However, managing such incidents can be overwhelming, especially if your business operates multiple endpoints. Consider the following questions:

  • Do you have the capability to mitigate this if it happens again?

  • Are your backup systems reliable and up-to-date?

  • Do you have tools to automate these processes efficiently?

Investing in comprehensive IT solutions can help safeguard your business against future disruptions, ensuring business continuity and minimizing downtime.

For example,

In this scenario, devices with bitlocker activated might not be able to perform the above fix that easily. An organization with hundreds of devices may find it challenging to manually update each device.

Specific Considerations

For devices with BitLocker activated:

  • Retrieve the BitLocker Key: Admins need to access and provide the BitLocker recovery key to boot into Safe Mode. This key might be stored in Active Directory, Microsoft Account, or printed/saved in a secure location.
  • BitLocker Key Accessibility: Ensure that the BitLocker keys are easily accessible during emergencies. Some keys might be locked up or not readily available, delaying the recovery process.

Examples

  • Scenario 1: An organization with hundreds of devices may find it challenging to manually update each device. Automation tools can streamline this process.
  • Scenario 2: If backup systems are not up-to-date, recovering from such incidents can lead to significant data loss and extended downtime.


Need Help Managing Your IT Infrastructure?

Let’s enhance your business operations with robust IT solutions that prioritize security and efficiency.

Exclusive IT Management Solutions

Unlike other providers, our services ensure comprehensive endpoint management, reliable backups, and automated recovery processes, tailored to your needs.

Push Your Business Forward with Robust IT Solutions

In light of recent events, businesses must evaluate their readiness to handle such outages. As a Managed Service Provider (MSP), we offer comprehensive solutions to ensure your business can quickly and efficiently mitigate these incidents. Consider the following:

  • Endpoint Management: We provide robust tools to manage multiple endpoints effectively.

  • Backup Systems: Our reliable backup solutions prevent data loss and ensure quick recovery.

  • Automation Tools: We equip you with tools to automate recovery processes, minimizing downtime.

Reflect and Question Your Preparedness

Managing multiple endpoints can be challenging during widespread outages. Reflect on your current capabilities:

  • Mitigation Strategies: How quickly can you respond to similar incidents?

  • Backup Solutions: Are your backup systems robust and up-to-date?

  • Automation and Tools: Do you have the necessary tools to automate recovery processes?

Contact Us Today

Strengthen your IT infrastructure today. Contact us for a consultation to ensure your business is protected against future tech outages. Our experts can help you implement effective solutions tailored to your needs. Stay ahead, stay secure.

For more detailed instructions and updates, visit the official CrowdStrike support portal and follow their guidance.

Marcom ITSM.SG
Previous

IBM WebSphere Application Server Vulnerability: CVE-2024-45087
Next

Microsoft 365 and Office 365 Licensing Changes: A Global Update