On July 19, 2024, the world got an unwanted glimpse of what might have happened had the Y2K “millennium bug” struck more than two decades earlier. A software update gone wrong caused millions of computing devices to crash. As a result, chaos plagued airlines, hospitals, banks, and retailers for days.
The so-called “CrowdStrike attack” wasn’t Y2K, as IT expert Sean Michael Kerner notes. But “it was a software issue that did, in fact, trigger massive disruption on a scale that has not been seen before.”
The CrowdStrike outage is also a stark reminder: No organization is invulnerable to disruptive, costly, and potentially disastrous cyber incidents.
No ransomware attack or other malicious activity caused this outage. Yet it highlights the extremely interconnected nature of today’s software supply chain. This incident caused the data access challenges, service interruptions, and damage to revenue and reputation an actual supply chain cyber attack can cause. What’s more, cyber criminals took advantage of the situation to prey on confused individuals and compromised systems.
The CrowdStrike attack underscores your need, as a Cyber Insurance broker, to have discussions with your clients about safely and effectively navigating today’s digital security landscape.
What Is the CrowdStrike Attack?
CrowdStrike is an American cyber security technology company that specializes in providing endpoint security, threat intelligence, and cyber attack response services. Its main product is its Falcon platform. Falcon monitors for and can stop such threats as ransomware attacks and fileless malware.
The “CrowdStrike cyber attack,” again, wasn’t an actual attack against CrowdStrike. It was a flaw in one version of a sensor configuration update file. By the time CrowdStrike found and fixed the error, some 8.5 million machines worldwide running on Microsoft Windows had been affected.
That figure represents less than 1% of all Windows machines. Those machines, however, play key roles in multiple critical enterprises.
Windows’ infamous Blue Screen of Death heralded cataclysmic IT impacts across multiple sectors:
- Airlines and airports struggled with system outages that led to widespread delays and tens of thousands of canceled flights.
- Hospitals and other healthcare providers found themselves unable to access electronic health records, resulting in a temporary halt to routine medical procedures and emergency services alike.
- Banks, card payment systems, and other financial service providers scrambled to respond to customers who couldn’t access their accounts online.
All told, the cost of the CrowdStrike outage will run into the billions of dollars. It will cost the Fortune 500 companies a combined $5.4 billion, according to cloud monitoring and insurance firm Parametrix. Affected companies will lose an estimated $43.6 million each.
Lessons About Cyber Insurance Coverage From the CrowdStrike Outage
Insurance payouts, though sizable, will not end up covering all losses. Experts say payouts will be about $1.1 billion. Had this outage been an actual “CrowdStrike attack”—in other words, the result of a deliberate malicious action by threat actors—losses might have been even larger.
Even so, the CrowdStrike incident carries important lessons for businesses about Cyber Insurance coverage in risk management. Businesses should:
- Assess Vendor Risk
Businesses should ensure their insurance policies account for risks associated with dependencies on external vendors. A single point of failure can lead to widespread disruptions.
- Understand Coverage Limits
Businesses must closely examine their Cyber Insurance policies to understand what is covered in the event of an IT outage caused by third-party vendors. The CrowdStrike outage highlights the potential for significant financial losses due to downtime. Knowing policy limits, deductibles, and exclusions is critical.
- Engage with Insurers
Businesses should maintain an ongoing dialogue with their insurance providers. Doing so will help them better grasp their policies’ nuances, discuss risk management strategies, and prepare for potential claims.
- Regularly Review and Update Policies
The dynamic nature of cyber threats necessitates regular reviews of Cyber policies. Businesses should update their coverage to reflect changes in operational risks, evolving threat landscapes, and lessons learned from past incidents.
- Develop a Holistic Incident Response Plan
Cyber Insurance alone can’t replace a robust business continuity plan. Indeed, insurers frequently require the insured already have a cyber incident response plan in place. Businesses should integrate their insurance strategies with comprehensive recovery and business continuity plans to mitigate risks and ensure they can respond to incidents effectively.
Help Your Business Clients Get and Stay Ready With Cyber Insurance
The “CrowdStrike attack” offers yet more evidence that doing nothing to guard against cyber dangers is simply not an option in the digital age.
Even more so than when Y2K worries ran rampant, organizations must proactively take steps to safeguard systems, protect sensitive data, and maintain operational continuity.
Helping your business clients get the levels of Cyber Insurance coverage they need is one of the single-most important ways you can help them prepare for the eventuality of cyber security incidents.
Brokers who register with ProWriters have access to proprietary, powerful technology that makes researching, quoting, and selling Cyber Insurance simpler than ever.
To find out more and to get started, register with ProWriters today.