A survey by German federal IT reporting agency BSI reveals the scale of the impact that the global CrowdStrike outage had inside the country. Of the organizations in Germany that were affected, the majority experienced crashes on PCs and/or servers.
It’s been exactly two months since a faulty CrowdStrike update caused IT chaos in airports, inside hospitals and inside offices worldwide. The BSI (Germany’s Federal Office for Security in Information Technology) polled 331 organizations affected by the glitch. It found that 62 percent were affected by crashes on their PCs or servers, while 48 percent were at least indirectly affected due to partners, customers or suppliers suffering from the effects of the outage.
Sentiment
The BSI admits that its own report is not representative of the overall impact of the IT outage. After all, together with digital advocacy organization Bitkom, it only spoke to parties who experienced the impact to some degree. Obviously, much of the IT infrastructure remained intact, although CrowdStrike’s customer base is large and diverse, meaning the end results were still globally felt.
Interestingly, a smaller percentage of PCs went down than servers: 32 percent versus 51 percent. The percentages are slightly higher on both counts among smaller organizations. By far the most common problems were system crashes (83 percent), applications going down (64 percent) or inaccessible data (58 percent). In addition, network problems (27 percent), specific software failures (24 percent), peripheral equipment failure (17 percent) and IT systems slowdown (16 percent) were also regular occurrences. Data loss (7 percent) and security vulnerabilities (1 percent) were mentioned significantly less.
Overall, the outage hit large organizations the hardest. While companies with fewer than 20 employees spent an average of 15 hours fixing the outage problems, organizations with 2,000 or more employees had to spend an average of 1,394 hours (!) recovering their IT infrastructures and getting back to normal.
Tip: Soft landing for CrowdStrike earnings, but outage fallout continues
Long sit
74 percent of affected organizations solved their problems themselves, possibly by looking to social media for advice or CrowdStrike’s website. 15 percent received support from external IT service providers, while 9 percent were contacted by CrowdStrike directly and 4 percent by Microsoft.
Often the issues took a while to dissipate. Although 47 percent got back to normal within 24 hours, the average recovery time was two days. In fact, 8 percent needed more than five days to fully recover. Among the organizations surveyed, 40 percent reported that the outage harmed their own customer-facing services.
Lessons learned
Following the lead of CrowdStrike itself and Microsoft, customer organizations are drawing their conclusions. Two-thirds are going to create an IT contingency plan, improve an existing one – included in the figure are those who have already done one or the other. More than half plan to offer training courses to improve their patch management. This is a somewhat general solution that doesn’t match the specific cause of the outage, since this IT outage involved a faulty update, not a patch. Either way, the best practices which IT specialists know about already have been reiterated. They seem to be primarily focused on cyber resilience in a general sense, which can’t hurt. Still, the nature of CrowdStrike’s failure was so unique that a similar failure is unlikely to occur in quite the same way. But, as BSI President Claudia Plattnet also points out, “There will never be 100 percent protection against IT security incidents in the future. Nevertheless, we want to be as close to 100 percent as possible.”
Also read: Microsoft summit to prevent repeat of IT outage yields no real results