Following the recent CrowdStrike outage, we have compiled a supply chain impact assessment using data from the Prewave platform.
The assessment focuses on highly-sensitive sectors in Global Value Chains, notably airports and ports, and provides insight into the current and ongoing effects of the incident.
What Happened?
CrowdStrike, a leading cybersecurity company, experienced a significant incident on July 19, 2024 at 04:09 UTC.
The incident, caused by a defective content update for Windows hosts, led to widespread operational disruptions for Windows machines worldwide. Mac and Linux hosts were not affected.
After the defect was identified, immediate efforts were made to mitigate the impact and restore normal operations.
Despite this, many companies and their customers experienced delays and operational challenges. The incident shows the risks of hyper-centralisation: reliance on a single provider leading to higher impact when issues arise.
Who Are CrowdStrike?
CrowdStrike provides endpoint protection and threat intelligence for businesses that rely on Windows platforms. Their relationship with Microsoft means that malfunctions in their updates can have far-reaching consequences.
While largely reliant on the US market, CrowdStrike provides services to companies in several major industries worldwide:
Source: CrowdStrike Financial Report
Measuring the Impact
On the Prewave platform, 76% of reported alerts concerned airlines, airports, and ports. This is likely because of:
- Overreporting due to direct public impact. Incidents in these sectors receive more media attention because they directly affect the public.
- Overreporting due to visibility. Incidents in highly-visible sectors are more likely to be reported.
CrowdStrike’s spread across industries means that the “real” impact rate is likely more balanced. However, the biggest impact on global value chains will still come from affected critical infrastructure.
Affected Industries: Air and Maritime Transport
The high impact to airlines and airports could be due to the high need for cybersecurity within this highly-sensitive sector. Not all listed airlines were directly affected, yet many were impacted indirectly due to disruption at airports that led to the grounding of planes.
Among the affected airports, the most critical are:
- London Heathrow
- Changi Airport
- Amsterdam Schiphol
- Delhi International Airport (not confirmed)
- Narita International Airport (not confirmed)
Fewer alerts (7%) concerned ports, the most important being:
- Felixstowe, Dover, Tilbury and Liverpool in the UK
- Poland’s Baltic Hub
Depending on the duration of impact, companies that rely on maritime shipping should prepare for ripple effects across their supply chains. The latest disruption adds strain to an already stretched system, affected by other events such as the Houthi attacks in Bab-el-Mandeb. Disruptions to the global air traffic system also reduce alternatives to maritime transport.
It is also important to monitor effects on the railway system, although only a partial disruption to Southern Rail in the UK has been confirmed to-date.
Source: Prewave alerts
Countries and Regions
Our data shows the countries most affected by the incident. The high numbers for the UK and the USA correlate with sales data indicating high-usage in the USA and EMEA regions.
Source: Prewave alerts