Tuesday, November 5, 2024

Global IT outage latest: ‘Huge increase’ in 999 calls; CrowdStrike rules out cyber attack; thousands of flights cancelled

Must read

By Ian King, business presenter

CrowdStrike, the company at the heart of the IT outage being described as the worst the world has seen, has been a darling of Wall Street over the last year.

So far in 2024, its share price has risen by 96%, making it one of the best-performing stocks on both the tech-heavy Nasdaq and the broader S&P 500 index – to which it was recently admitted – meaning the company was valued at £84bn as at the close on Thursday night.

What thrilled investors was how the company, based in Austin, Texas, sold itself as a one-stop shop in the field of so-called ‘endpoint’ protection and how a lot of what it was doing was AI-enabled.

Endpoint protection originally began as straightforward anti-virus software but over the last decade has evolved into the provision of a series of services aimed at protecting endpoints, those physical devices – computers, laptops, mobile phones, tablets and servers – that are connected to a network.

Those services include threat detection and investigation, data leak prevention and network administration.

What made CrowdStrike popular?

Several factors, in particular, made CrowdStrike so popular. 

  • First was its market share – some 24% – of the endpoint protection market.
  • Second was the migration of data and the provision of IT services to the cloud, a transformational shift that increased demand for cyber security services. At the end of last year, less than half of global workloads had been migrated to the cloud, pointing to a big uptick in future demand.
  • Thirdly, and perhaps most importantly, were new rules announced at the end of 2023 by the Securities & Exchange Commission, the main US financial regulator, requiring public companies to disclose cyber security incidents and to disclose, annually, their cyber security risk management, strategy, and governance. That, too, was seen as a key driver of demand – as was increased spending on cyber security by governments around the world and, in particular, in the United States.

So highly valued was CrowdStrike and its prospects that it was trading at a stupendous rating. Investors traditionally value companies on a multiple of their earnings (the price/earnings ratio) and, the higher the multiple, the more highly it is rated.

On CrowdStrike’s expected earnings for the year to the end of April 2025, the company was valued – as at the close on Thursday – on a multiple of 98. 

That compares with the current multiple of 28 for the S&P 500. This was a business, then, in which a great deal of hope was invested.

The CEO behind the firm

CrowdStrike’s story and that of its president and chief executive, George Kurtz, is that of endpoint protection itself. 

Mr Kurtz, whose stake in CrowdStrike was valued at $4.2bn last night, was a qualified accountant who in October 1999 launched an anti-virus software company called Foundstone. 

He sold it to McAfee, another anti-virus provider, in 2004 for $86m and became the company’s chief technology officer. 

In 2009, he also wrote Hacking Exposed: Network Security Secrets & Solutions, the world’s best-selling book on cyber-security. 

By 2011, becoming frustrated at how McAfee was evolving in response to the changing nature of cyber-threats, events came to a head when he watched a fellow airline passenger take 15 minutes to download McAfee’s service onto their laptop.

He later recalled to the business magazine Forbes in 2020: “The guy was talking to the flight attendant, he was reading his newspaper, and he’s doing all these things while the software is grinding away and I’m just sitting there going, oh my God. 

“I’m the CTO of this company, and this is terrible.”

He subsequently left to join Warburg Pincus, the private equity firm, with a vision of building a cloud-based service providing endpoint protection, as it is known today, based on an ‘intelligence-first’ approach.

That was the genesis of CrowdStrike, whose initial slogan was “We Stop Breaches”.

How Russian hackers made the company big news

The business attracted widespread attention when, in June 2016, it revealed it had identified attempts by two Russian intelligence groups, codenamed Cosy Bear and Fancy Bear, to hack various US government entities including the White House, State Department and Joint Chiefs of Staff. 

It also revealed that the hackers had infiltrated the Democratic National Committee in what is now recognised as an attempt by Russia to interfere in that year’s US presidential election. 

It emerged that the hackers had stolen emails from the DNC and from Hillary Clinton’s election campaign and handed them to Wikileaks.

Mr Kurtz, who had been given his first computer at the age of 10 – a Texas Instruments 99/4A machine on which he was quickly devising games – was big news, as was CrowdStrike. 

VCs and other backers, including Google, fell over themselves to invest in the business.

CrowdStrike was valued at $11bn when it floated on Nasdaq in June 2019 valuing Mr Kurtz’s stake at $1.7bn.

Until now, it has been a spectacular story, but how Mr Kurtz handles this crisis will be critical.

Could apology risk Microsoft relationship?

Looking exhausted, he issued an apology to CrowdStrike’s customers today during an interview with NBC, during which he said: “We’re deeply sorry.

“That update had a software bug in it and caused an issue with the Microsoft operating system.

“We identified this very quickly and remediated the issue.”

Those comments could, though, further damage the relationship CrowdStrike has with Microsoft – which had already become increasingly fractious. 

In April last year, at an investor presentation, Mr Kurtz accused Microsoft of using “the same failed model that McAfee and Symantec have been using for the past 25 years” and claimed CrowdStrike regularly beat Microsoft when the pair were competing with each other.

He doubled down on those comments when, asked about Microsoft’s push into cybersecurity in December last year, he responded: “Given Microsoft’s history, it’s like the doctor selling the patient cigarettes.”

Then in May this year, after the US Cyber Safety Review Board criticised Microsoft for failing to prevent a 2023 cyber attack on its cloud service, he launched a service called Falcon for Defender – claiming the service would stop attacks missed by Microsoft’s own Defender service.

He said: “We decided enough is enough. There’s a widespread crisis of confidence among security and IT teams within the Microsoft customer base.”

Outage has massive repercussions – even if backers keep faith

For now, some of CrowdStrike’s biggest supporters are keeping the faith.

Dan Ives, managing director and senior equity research analyst at Wedbush Securities and one of Wall Street’s best-known tech-watchers, told clients today: “CrowdStrike has a strong brand and global marketing presence which will need to go into next gear over the coming weeks and months to curtail some damage from this.

“Today CrowdStrike becomes a household name but not in a good way and this will take time to settle down but does not change our positive long term view of CrowdStrike or the cyber security sector.”

Microsoft, meanwhile, will be doing its best to distance itself from this crisis.

But this incident will have massive repercussions longer term.

Latest article