CrowdStrike: cybersecurity giant behind global outage

WASHINGTON: CrowdStrike, the cybersecurity company behind a massive global IT outage, is the leader in its sector, known for building software defenses for the cloud computing age and exposing Russian and North Korean threats.
Based in Austin, Texas, the company was founded in 2011 by George Kurtz, Dmitri Alperovitch and Gregg Marston.
Both Kurtz and Alperovitch had extensive backgrounds in cybersecurity, working at companies like McAfee.
Two years after its founding, CrowdStrike launched its signature product, the Falcon platform.
Crucially, the company embraced a “cloud-first” model to reduce big computing needs on customers and provide more effective protection.
In particular, remote computing enables updates to be carried out quickly and regularly, something that failed spectacularly in Friday’s outage when an update proved incompatible with computers running on Microsoft software.
Rather than just focusing on malware and antivirus products, the founders wanted to shift attention to identifying and stopping the attackers themselves and their techniques.
“CrowdStrike is one of the best-known cybersecurity companies around,” said Michael Daniel, who worked as the White House cybersecurity coordinator during the Barack Obama administration.
“It provides typically what we think of as sort of endpoint protection, meaning that it’s actually got software running on a server, or on a particular device, like a laptop or a desktop, and it’s scanning for potential malware connections to bad domain names,” he said.
“It’s looking for behavior that might be unusual — that sort of thing,” said Daniel, who now runs the Cyber Threat Alliance.
A report published this year by CrowdStrike estimates that 70 percent of attacks do not include viruses, but were rather manipulations carried out directly by hackers, who often use stolen or recovered credentials.
The company’s share price was down by about 12 percent on Wall Street on Friday.
CrowdStrike became a publicly traded company in 2019, and in 2023 the group generated sales of $3.05 billion, up 36 percent year-on-year.
Boosted by the wave of so-called generative AI, which requires the development of additional capabilities in the cloud, CrowdStrike raised its annual forecasts in June.
Although its business has been booming, the group is still struggling with profitability.
In 2023, it recorded a net profit of just $89 million, its first annual profit since its creation.
The company’s main competitors are Palo Alto Networks and SentinelOne, both standalone cybersecurity firms.
But cloud computing giants Microsoft, Amazon and Google provide their own cybersecurity software and are also rivals.
CrowdStrike, which is also a cyber intelligence company, made headlines when it helped investigate several high-profile cyberattacks.
Most famously, in 2014, CrowdStrike discovered evidence linking North Korean actors to the hacking of servers at Sony Pictures.
The hackers stole large amounts of data and threatened terrorist acts against movie theaters to prevent the release of “The Interview,” a comedy about North Korea’s leader.
The studio initially canceled the movie’s theatrical release, but reversed its decision after criticism.
Sony estimated the direct costs of the hack to be $35 million for investigating and remediating the breach.
CrowdStrike also helped investigate the 2015-2016 cyberattacks on the Democratic National Committee (DNC) in the United States and their connection to Russian intelligence services.
In December 2016, CrowdStrike released a report stating that a Russian government-affiliated group called Fancy Bear had hacked a Ukrainian artillery app, potentially causing significant losses to Ukrainian artillery units in their fight against Moscow-backed separatists.
However, this assessment was later disputed by some organizations and CrowdStrike rolled back some of the claims.
In recent months, CrowdStrike has criticized Microsoft for its lapses on cybersecurity as the Windows maker admitted to vulnerabilities and hackings by outside actors.
Among other criticisms, CrowdStrike slammed Microsoft for still doing business in China.
“You’re telling the public they can’t use Huawei, and they can’t let kids watch dance videos on TikTok because China is going to collect intelligence,” Shawn Henry, chief security officer at CrowdStrike, said last year.
“Yet, the most ubiquitous software, which is used throughout the government and throughout every single corporation in this country and around the world, has engineers in China working on their software,” Henry told Forbes.