CrowdStrike makes software to help firms manage their security in IT environments.
Sopa Images | Lightrocket | Getty Images
Cybersecurity firm CrowdStrike saw its shares plunge Friday, after an update led to a major outage, impacting businesses across the world.
Shares of the company, which makes software to help firms manage their security in IT environments, tanked 15% in U.S. premarket trading.
Addressing the incident Friday morning, CrowdStrike CEO George Kurtz said the issues were caused by “a defect found in a single content update for Windows hosts.”
“This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed,” Kurts said in a post on social media platform X.
Microsoft, which also reported issues affecting its Azure cloud services and Microsoft 365 suite of apps, fell 1.8% in premarket trading.
A multitude of different websites went down Friday morning, as planes were grounded and TV studios paused broadcasting, amid an ongoing major IT outage.
Earlier on Friday, CrowdStrike was hit with a major outage caused by an issue with an update affecting its Falcon Sensor product, which is designed to stop cyber breaches using cloud technology. CrowdStrike is now in the process of rolling back the update globally.
“CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor,” CrowdStrike told NBC News in a recorded phone message.
Cybersecurity experts said the update issue at CrowdStrike was responsible for directly affecting Windows systems around the world, with laptops showing an error screen known as the “blue screen of death.”
It comes after Microsoft said earlier on Friday that its cloud services had been mostly restored after it suffered an outage affecting its cloud apps in the U.S. It is not clear whether this outage was linked to CrowdStrike’s update.
The global outage shows how a single point of failure in the cyber supply chain can be responsible for huge ripple effects globally.
CrowdStrike’s pain is other cyber stocks’ gain
CrowdStrike has been a winner among cyber stocks in the past year, with its shares rising nearly 118% in the last 12 months.
Some analysts had raised questions over CrowdStrike’s lofty valuation — the company was worth $83.5 billion as of Thursday’s close. Nina Marques, analyst at Redburn Atlantic, said this week that the firm faces challenges competing with other cyber firms in the very large enterprise market.
“CrowdStrike’s strength in the endpoint protection market has long supported its premium valuation compared with peers,” Marques said in research note Thursday.
“While we do not dispute the quality and performance of CrowdStrike’s products, we do anticipate challenges in the company penetrating the very large enterprise market to maximise cross-sell opportunities enough to offset deflationary impacts.”
The research house downgraded CrowdStrike’s stock to “sell,” on Thursday and slashed its price target for the stock to $275, down from $380 — a 28% reduction.
As CrowdStrike saw its stock tumble Friday, other cybersecurity vendors benefited, likely on the back of investors betting that businesses may turn away from CrowdStrike and flock to competing firms.
Shares of Palo Alto rose 1.3% after earlier highs, while Fortinet climbed 1.6% in premarket trading. Zscaler and Cloudflare were both up around 1%, each in premarket trading.
– CNBC’s Arjun Kharpal contributed to this report