In July 2024, the business world was rocked by a major IT outage caused by a faulty update to CrowdStrike’s Falcon sensor. This incident resulted in global disruptions, including system crashes and data inaccessibility, severely impacting numerous companies. At Xantro.eu, we played a crucial role in supporting these affected businesses through crisis management and recovery processes. Here, we share how we assisted these companies and the lessons that can be learned.
The Crisis: The CrowdStrike Update of 2024
On July 19, 2024, CrowdStrike released an update for their Falcon sensor, which contained a critical error. This update led to Blue Screens of Death (BSOD) on many Windows systems worldwide, severely affecting companies in sectors such as healthcare, banking, transportation, and government services. The problem required manual intervention to restore systems, a time-consuming and labor-intensive task.
Step 1: Preparation
Risk Analysis and Crisis Plans: We assisted in assembling crisis teams that could quickly respond to the disruption. These teams consisted of members from IT, legal, communications, and customer service, each playing a role in managing the crisis.
Assembling a Crisis Team: We assisted in assembling crisis teams that could quickly respond to the disruption. These teams consisted of members from IT, legal, communications, and customer service, each playing a role in managing the crisis.
Step 2: Response
Rapid Action and System Isolation: Our first step was to isolate the affected systems to prevent further damage. This involved manually rebooting systems in safe mode and removing the faulty files, a task that took days.
Transparent Communication: We advised companies on informing their employees and customers. Transparent and timely communication was crucial to maintain trust and prevent misunderstandings. Multiple channels, such as emails and press releases, were used to effectively disseminate the message.
Collaboration with External Experts: Xantro.eu collaborated with external cybersecurity experts and agencies to get the situation under control. This collaboration ensured a coordinated approach to resolving technical issues and restoring systems.
Step 3: Recovery
Evaluating the Response: After the incident, we conducted a thorough evaluation. We assessed what worked well and what could be improved, using these insights to enhance the companies’ crisis plans.
Restoring Business Operations: Thanks to a robust approach, the affected companies were able to quickly return to normal operations. We provided support in restoring systems and processes, ensuring that employees received the necessary assistance to resume their work.
Adjusting Crisis Plans: Based on the experiences and lessons learned, we adjusted the crisis plans. This ensured that companies were better prepared for future incidents and strengthened their resilience.
The Role of Xantro.eu
At Xantro.eu, we played a crucial role in supporting the affected companies during this crisis. Our expertise in crisis management, risk assessment, and incident response was invaluable. We were ready to react quickly, provide advice, and support the recovery process.
Conclusion
The incident with CrowdStrike highlights the importance of effective crisis management for any company. By proactively planning, responding quickly, and continuously evaluating, companies can minimize the impact of crises and recover quickly. At Xantro.eu, we are ready to help your company develop and implement robust crisis management strategies. Contact us today to discover how we can support you.
English 
Dutch