Home •

CrowdStrike Windows Outage – Supply Chain Impact Assessment

Following the recent CrowdStrike outage, we have compiled a supply chain impact assessment using data from the Prewave platform. 

The assessment focuses on highly-sensitive sectors in Global Value Chains, notably airports and ports, and provides insight into the current and ongoing effects of the incident.

What Happened?

CrowdStrike, a leading cybersecurity company, experienced a significant incident on July 19, 2024 at 04:09 UTC.

The incident, caused by a defective content update for Windows hosts, led to widespread operational disruptions for Windows machines worldwide. Mac and Linux hosts were not affected. 

After the defect was identified, immediate efforts were made to mitigate the impact and restore normal operations.

Despite this, many companies and their customers experienced delays and operational challenges. The incident shows the risks of hyper-centralisation: reliance on a single provider leading to higher impact when issues arise.

Who Are CrowdStrike?

CrowdStrike provides endpoint protection and threat intelligence for businesses that rely on Windows platforms. Their relationship with Microsoft means that malfunctions in their updates can have far-reaching consequences. 

While largely reliant on the US market, CrowdStrike provides services to companies in several major industries worldwide:

Source: CrowdStrike Financial Report

Measuring the Impact

On the Prewave platform, 76% of reported alerts concerned airlines, airports, and ports. This is likely because of: 

  1. Overreporting due to direct public impact. Incidents in these sectors receive more media attention because they directly affect the public.
  2. Overreporting due to visibility. Incidents in highly-visible sectors are more likely to be reported.

CrowdStrike’s spread across industries means that the “real” impact rate is likely more balanced. However, the biggest impact on global value chains will still come from affected critical infrastructure.

Affected Industries: Air and Maritime Transport

The high impact to airlines and airports could be due to the high need for cybersecurity within this highly-sensitive sector. Not all listed airlines were directly affected, yet many were impacted indirectly due to disruption at airports that led to the grounding of planes.

Among the affected airports, the most critical are:

  • London Heathrow
  • Changi Airport
  • Amsterdam Schiphol
  • Delhi International Airport (not confirmed)
  • Narita International Airport (not confirmed)

Fewer alerts (7%) concerned ports, the most important being:

  • Felixstowe, Dover, Tilbury and Liverpool in the UK
  • Poland’s Baltic Hub

Depending on the duration of impact, companies that rely on maritime shipping should prepare for ripple effects across their supply chains. The latest disruption adds strain to an already stretched system, affected by other events such as the Houthi attacks in Bab-el-Mandeb. Disruptions to the global air traffic system also reduce alternatives to maritime transport.

It is also important to monitor effects on the railway system, although only a partial disruption to Southern Rail in the UK has been confirmed to-date.

Source: Prewave alerts

Countries and Regions

Our data shows the countries most affected by the incident. The high numbers for the UK and the USA correlate with sales data indicating high-usage in the USA and EMEA regions.

Source: Prewave alerts

    Related posts

    Keep on reading

    Understanding Double Materiality
    Blog

    The Core of CSRD Compliance: Understanding Double Materiality

    Learn how to leverage double materiality for smarter strategic decision-making and align sustainability with your business goals for lasting impact….
    How AI-Powered Risk Prediction Can Save Millions in the Wake of Natural Disasters
    Blog

    How AI-Powered Risk Prediction Can Save Millions in the Wake of Natural Disasters

    Discover how AI-powered risk prediction can save millions by enhancing supply chain resilience against natural disasters. Learn proactive strategies today….
    CSRD guide
    Blog

    CSRD Unpacked: Preparing Your Business for the New Era of ESG Reporting

    Discover how the CSRD is reshaping ESG reporting and learn actionable steps to ensure your business stays compliant with the…