An apparent investor on Reddit, who goes by the username u/King_Kunta_, dropped a scathing critique of cybersecurity firm CrowdStrike just a few hours before the company was involved in a mass global IT outage across various industries.
The issue, which occurred after the company pushed an update to its main software, caused Windows 365 Cloud services to malfunction and become inoperable. Initially, many pointed fingers at Microsoft, only to realize later that the fault lay with CrowdStrike.
In a detailed post, the Redditor accused the firm of being a “threat vector” — an IT term that refers to particularly vulnerable aspects of cybersecurity networks that hackers can exploit in order to launch a variety of attacks. These may include extortion via ransomware, taking control of systems, data theft, and, as seen in CrowdStrike’s case, causing large-scale system failures.
A Reddit user warned the internet of CrowdStrike’s security vulnerabilities just hours before a system failure affected all of its associated devices around the world
u/King_Kunta_, who urged members of the wallstreetbets subreddit to “put” the CrowdStrike stock hours before the outage, claimed the catastrophic system failure was facilitated by a combination of factors.
First, the prevalence of CrowdStrike among Fortune 100 companies. The firm provides security services to 44 out of 100 of said enterprises, alongside 9 out of 20 major banks and 7 of the top 10 largest energy institutions in the country. This extensive reach makes it number one in the endpoint protection market, according to business intelligence firm 6sense.
Second, the widespread collection of every business’s “endpoint data,” which the company then uses and compares to provide insight. The user argues that this makes every company that uses CrowdStrike part of a “Data Commune,” which in IT terms means that each business’s private information is shared across the network, where a hacker could then exploit it to access mass amounts of sensitive information.
Third, CrowdStrike has administrative access to every device, also known as “endpoints,” across thousands of firms. The user claims this was instrumental in the massive and coordinated nature of the recent outage.
The Redditor concluded that all of the above factors combined make CrowdStrike a “threat vector,” which hacker groups can easily exploit to cause widespread damage across many different systems and demand ransom through stolen sensitive data.
Users reacted with disbelief at the accuracy and timing of the critique of CrowdStrike, which was uploaded just a few hours before the company “crashed the world”
The original post was written approximately 5 hours before the global IT crisis occurred, which caused many users to be skeptical and discredit his claims.
“The funniest part of this post is claiming that the average person has no idea what ‘cloud’ or ‘cybersecurity’ is, followed by multiple paragraphs of the author showing that they don’t know what they are either,” said one user dismissively, only to be surprised by what happened shortly after.
“I went to sleep last night reading a bunch of comments from the whole lot of you saying that he has no idea of what he’s talking about. Then I wake up and read this company single handedly crashed the world,” a user responded, echoing the sentiments of many of the more than 1,500 replies the post has received at the time of writing.
Many, some more jokingly than others, reacted with suspicion at the timing of the post, which was updated a few hours before the cybersecurity incident occurred.
As one commenter noted, “He tells us that Crowdstrike is a threat vector. A few hours later, every computer in the world with the Crowdstrike client installed goes blue screen. The single biggest global PC system collapse in history. Just uncanny.”
“The fact that CrowdStrike just took out half the internet shortly after this post is hilarious,” one user pointed out.
“How much money did you make with this prediction?” asked another.
“This aged perfectly,” a commenter pointed out. “Yeah, you’re getting a visit from the Feds,” warned another.
One even shared his own experience with the outage: “Crowdstrike just f–d our company computers and we’re not alone. Last patch is causing blue screen loops on 500 PCs and my partner’s company is impacted too.”
As the company experienced reputational damage, the CEO of CrowdStrike took to X to reassure his shareholders that no security breach had occurred
CrowdStrike’s CEO George Kurtz delivered an official statement on X denying any claims of a possible security breach.
“Today was not a security or cyber incident. Our customers remain fully protected,” he stated, promising users that “the issue has been identified and a fix has been deployed.”
He confirmed that the outage occurred because of an update to one of their products for Windows and assured his clients that no unauthorized third party was involved.
The statement received mixed responses, with many still wary of further malfunctions.