CrowdStrike Update Issue – What This Means for Manufacturers
The manufacturing industry, known for its reliance on continuous and precise operations, faced a significant disruption recently due to a faulty update from CrowdStrike, a leading cybersecurity firm. This update led to widespread occurrences of Blue Screens of Death (BSOD) on numerous devices, creating a ripple effect across production lines and operational systems.
The Incident
On the night of July 18th, 2024, a routine update from CrowdStrike caused an unexpected issue that resulted in many machines failing to load correctly, leading to BSOD errors. This error, critical in nature, was promptly addressed by CrowdStrike, who identified the faulty update and rolled it back early the following morning. However, devices that had already been affected by the update required manual intervention to restore normal functionality.
Impact on Manufacturing
For the manufacturing sector, the implications were particularly severe. This industry relies heavily on Operational Technology (OT) systems, which are interconnected with IT systems to ensure seamless production processes. Any disruption in these IT systems can lead to immediate and significant halts in production, causing delays, financial losses, and bottlenecks in the supply chain.
Manufacturing plants often run 24/7, and the downtime caused by such IT issues can be costly. Control systems, machinery interfaces, and other critical operations were directly impacted by the BSOD errors, showcasing the vulnerability of integrated OT and IT environments to cybersecurity mishaps.
(See how KPI’s managed IT services for manufacturers prevent these mishaps for your business)
Immediate Response and Solutions
CrowdStrike quickly responded by rolling back the faulty update, preventing further spread of the issue. For machines already affected, a simple restart resolved the problem for some, but not all. Here are the steps recommended for resolving persistent BSOD issues:
- Boot Windows into Safe Mode.
- Navigate to C:\Windows\System32\drivers\Crowdstrike.
- Locate the file “C-00000291.sys” and delete it.*
- Reboot the workstation.
These steps have been effective in restoring functionality to affected devices.
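The locate-and-delete steps above can be scripted so that each removal leaves an audit record. The following is an added example, not code from CrowdStrike or from the original post. It assumes an elevated PowerShell session on a machine already booted into Safe Mode, and the log path is a hypothetical choice.

```powershell
# Added example. Save as a .ps1 file; run with -WhatIf first for a dry run.
[CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
param(
    # Directory and file name exactly as given in the steps above.
    [string]$DriverDir = 'C:\Windows\System32\drivers\Crowdstrike',
    [string]$FileName  = 'C-00000291.sys',
    # Hypothetical location for the incident record; change as needed.
    [string]$LogPath   = 'C:\Temp\cs-remediation.csv'
)

$target = Join-Path -Path $DriverDir -ChildPath $FileName

# Stop early if the sensor directory or the file is absent on this machine.
if (-not (Test-Path -LiteralPath $DriverDir -PathType Container)) {
    Write-Warning "Directory not found: $DriverDir. Nothing to do."
    return
}
if (-not (Test-Path -LiteralPath $target -PathType Leaf)) {
    Write-Output "File not present: $target. No change made."
    return
}

# Capture what is about to be removed so the change can be audited later.
$item   = Get-Item -LiteralPath $target
$record = [pscustomobject]@{
    Computer  = $env:COMPUTERNAME
    Path      = $item.FullName
    SizeBytes = $item.Length
    LastWrite = $item.LastWriteTimeUtc.ToString('o')
    SHA256    = (Get-FileHash -LiteralPath $target -Algorithm SHA256).Hash
    RemovedAt = (Get-Date).ToUniversalTime().ToString('o')
}

# ShouldProcess honours -WhatIf and prompts for confirmation before deleting.
if ($PSCmdlet.ShouldProcess($target, 'Delete file')) {
    Remove-Item -LiteralPath $target -Force -ErrorAction Stop
    $logDir = Split-Path -Path $LogPath -Parent
    if (-not (Test-Path -LiteralPath $logDir)) {
        New-Item -ItemType Directory -Path $logDir -Force | Out-Null
    }
    $record | Export-Csv -LiteralPath $LogPath -Append -NoTypeInformation
    Write-Output "Removed $target. Reboot the workstation to finish."
}
```

The script deletes only the exact file name and touches nothing else in the directory.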
Broader Cybersecurity Implications
This incident highlights several broader cybersecurity considerations for the manufacturing industry:
- Integration of IT and OT Systems: The interconnected nature of IT and OT systems means that a failure in one can have immediate and significant effects on the other. This underscores the need for robust cybersecurity measures that protect both IT and OT environments.
- Proactive Cybersecurity Measures: Manufacturers must implement proactive cybersecurity strategies, including regular updates, patches, and a well-documented incident response plan to mitigate risks swiftly.
- Vendor Management: Relying on third-party cybersecurity solutions requires diligent vendor management and continuous monitoring to ensure that updates and changes do not disrupt critical operations.
Moving Forward
As the manufacturing industry continues to adopt advanced technologies and integrate more systems, cybersecurity will play an increasingly vital role in maintaining operational resilience. Incidents like the recent CrowdStrike update serve as a reminder of the importance of proactive measures and swift responses to cybersecurity threats.