Latest news with #CrowdStrike


WIRED
12 hours ago
- Health
- WIRED
At Least 750 US Hospitals Faced Disruptions During Last Year's CrowdStrike Outage, Study Finds
Jul 19, 2025 11:54 AM

Of those, more than 200 appear to have had outages of services related to patient care following CrowdStrike's disastrous crash, researchers have revealed.

When, one year ago today, a buggy update to software sold by the cybersecurity firm CrowdStrike took down millions of computers around the world and sent them into a death spiral of repeated reboots, the global cost of all those crashed machines was equivalent to one of the worst cyberattacks in history. Some of the various estimates of the total damage worldwide have stretched well into the billions of dollars.

Now a new study by a team of medical cybersecurity researchers has taken the first steps toward quantifying the cost of CrowdStrike's disaster not in dollars, but in potential harm to hospitals and their patients across the US. It reveals evidence that hundreds of those hospitals' services were disrupted during the outage, and raises concerns about potentially grave effects to patients' health and well-being.

Researchers from the University of California San Diego today marked the one-year anniversary of CrowdStrike's catastrophe by releasing a paper in JAMA Network Open, a publication of the Journal of the American Medical Association Network, that attempts for the first time to create a rough estimate of the number of hospitals whose networks were affected by that IT meltdown on July 19, 2024, as well as which services on those networks appeared to have been disrupted.

[Figure: A chart showing a massive spike in detected medical service outages on the day of CrowdStrike's crashes. Courtesy of UCSD and JAMA Network Open]

By scanning internet-exposed parts of hospital networks before, during, and after the crisis, they detected that at minimum 759 hospitals in the US appear to have experienced network disruption of some kind on that day.
They found that more than 200 of those hospitals seemed to have been hit specifically with outages that directly affected patients, from inaccessible health records and test scans to fetal monitoring systems that went offline. Of the 2,232 hospital networks they were able to scan, the researchers detected that fully 34 percent of them appear to have suffered from some type of disruption.

All of that indicates the CrowdStrike outage could have been a 'significant public health issue,' argues Christian Dameff, a UCSD emergency medicine doctor and cybersecurity researcher, and one of the paper's authors. 'If we had had this paper's data a year ago when this happened,' he adds, 'I think we would have been much more concerned about how much impact it really had on US health care.'

CrowdStrike, in a statement to WIRED, strongly criticized the UCSD study and JAMA's decision to publish it, calling the paper 'junk science.' They note that the researchers didn't verify that the disrupted networks ran Windows or CrowdStrike software, and point out that Microsoft's cloud service Azure experienced a major outage on the same day, which may have been responsible for some of the hospital network disruptions. 'Drawing conclusions about downtime and patient impact without verifying the findings with any of the hospitals mentioned is completely irresponsible and scientifically indefensible,' the statement reads.

'While we reject the methodology and conclusions of this report, we recognize the impact the incident had a year ago,' the statement adds. 'As we've said from the start, we sincerely apologize to our customers and those affected and continue to focus on strengthening the resilience of our platform and the industry.'

In response to CrowdStrike's criticisms, the UCSD researchers say they stand by their findings.
The Azure outage that CrowdStrike noted, they point out, began the previous night and affected mostly the central US, while the outages they measured began at roughly midnight US east coast time on July 19—about the time when CrowdStrike's faulty update began crashing computers—and affected the entire country. (Microsoft did not immediately respond to a request for comment.)

'We are unaware of any other hypothesis that would explain such simultaneous geographically-distributed service outages inside hospital networks such as we see here' other than CrowdStrike's crash, writes UCSD computer science professor Stefan Savage, one of the paper's co-authors, in an email to WIRED. (JAMA declined to comment in response to CrowdStrike's criticisms.)

In fact, the researchers describe their count of detected hospital disruptions as only a minimum estimate, not a measure of the real blast radius of CrowdStrike's crashes. That's in part because the researchers were only able to scan roughly a third of America's 6,000-plus hospitals, which would suggest that the true number of medical facilities affected may have been several times higher.

The UCSD researchers' findings stemmed from a larger internet-scanning project they call Ransomwhere?, funded by the Advanced Research Projects Agency for Health and launched in early 2024 with the intention of detecting hospitals' ransomware outages. As a result of that project, they were already probing US hospitals using the scanning tools ZMap and Censys when CrowdStrike's July 2024 calamity struck.

For the 759 hospitals in which the researchers detected that a service was knocked offline on July 19, their scans also allowed them to analyze which specific services appeared to be down, using publicly available tools like Censys and the Lantern Project to identify different medical services, as well as manually checking some web-based services they could visit.
They found that 202 hospitals experienced outages of services directly related to patients. Those services included staff portals used to view patient health records, fetal monitoring systems, tools for remote monitoring of patient care, secure document transfer systems that allow patients to be transferred to another hospital, 'pre-hospital' information systems like the tools that can share initial test results from an ambulance to an emergency room for patients requiring time-critical treatments, and the image storage and retrieval systems that are used to make scan results available to doctors and patients.

'If a patient was having a stroke and the radiologist needed to look at a scan image quickly, it would be much harder to get it from the CT scanner to the radiologist to read,' Dameff offers as one hypothetical example.

The researchers also found that 212 hospitals had outages of 'operationally relevant' systems like staff scheduling platforms, bill payment systems, and tools for managing patient wait times. In another category of 'research relevant' services, the study found that 62 hospitals faced outages. The biggest fraction of outages in the researchers' findings was an 'other' category that included offline services that the researchers couldn't fully identify in their scans at 287 hospitals, suggesting that some of those, too, might have been uncounted patient-relevant services.

'Nothing in this paper says that someone's stroke got misdiagnosed or there was a delay in the care of someone getting life-saving antibiotics, for instance. But there might have been,' says Dameff. 'I think there's a lot of evidence of these types of disruptions. It would be hard to argue that people weren't impacted at a potentially pretty significant level.'

The study's findings give a sprawling new sense of scope to anecdotal reports of how CrowdStrike's outage affected medical facilities that already surfaced over the last year.
WIRED reported at the time that Baylor hospital network, a major nonprofit health care system, and Quest Diagnostics were both unable to process routine bloodwork. The Boston-area hospital system Mass General Brigham reportedly had to bring 45,000 of its PCs back online, each of which required a manual fix that took 15 to 20 minutes.

In their study, researchers also tried to roughly measure the length of downtime of the hospital services affected by the CrowdStrike outage, and found that most recovered relatively quickly: About 58 percent of the hospital services were back online within six hours, and only 8 percent or so took more than 48 hours to recover.

That's a far shorter disruption than the outages from actual cyberattacks that have hit hospitals, the researchers note: Mass-spreading malware attacks like NotPetya and WannaCry in 2017 as well as the Change Healthcare ransomware attack that struck the payment provider subsidiary of United Healthcare in early 2024 all shut down scores of hospitals across the US—or in the case of WannaCry, the United Kingdom—for days or weeks in some cases.

But the effects of the CrowdStrike debacle nonetheless deserve to be compared to those intentionally inflicted digital disasters for hospitals, the researchers argue. 'The duration of the downtimes is different, but the breadth, the number of hospitals affected across the entire country, the scale, the potential intensity of the disruption is similar,' says Jeffrey Tully, a pediatrician, anesthesiologist, and cybersecurity researcher who coauthored the study.

[Figure: A map showing the duration of the apparent downtime of detected medical service outages in hospitals across the US. Courtesy of UCSD and JAMA Network Open]

A delay of hours, or even minutes, can increase mortality rates for heart attack and stroke patients, says Josh Corman, a cybersecurity researcher with a focus on medical cybersecurity at the Institute for Security and Technology and former CISA staffer who reviewed the UCSD study. That means that even a shorter-duration outage in patient-related services across hundreds of hospitals could have concrete and seriously harmful—if hard to measure—consequences.

Aside from drawing a first estimate of the possible toll on patients' health in this single incident, the UCSD team emphasizes that the real work of their study is to show that, with the right tools, it's possible to monitor and learn from these mass medical network outages. The result may be a better sense of how to prevent—or in the case of more intentional downtime from cyberattacks and ransomware—protect hospitals from experiencing them in the future.
Yahoo
13 hours ago
- Business
- Yahoo
CrowdStrike (CRWD) Initiated at 'Neutral' by Macquarie on Valuation Concerns
CrowdStrike Holdings, Inc. (NASDAQ:CRWD) is one of the AI Stocks on Wall Street's Radar. On July 17, Macquarie analyst Steve Koenig initiated coverage on the stock with a 'Neutral' rating and a price target of $465.

According to the firm, CrowdStrike's product strategy can continue driving sales momentum and product differentiation. However, the analysts told investors in a research note that the company's valuation looks 'rich on a variety of metrics' at current share levels. In particular, the firm highlighted that CrowdStrike is trading at a 58% premium to their estimated 'Rule of X' enterprise value to next-twelve-months revenue multiple.

CrowdStrike Holdings, Inc. (NASDAQ:CRWD) is a leader in AI-driven endpoint and cloud workload protection.

While we acknowledge the potential of CRWD as an investment, we believe certain AI stocks offer greater upside potential and carry less downside risk. If you're looking for an extremely undervalued AI stock that also stands to benefit significantly from Trump-era tariffs and the onshoring trend, see our free report on the best short-term AI stock.

Disclosure: None.
Yahoo
16 hours ago
- Business
- Yahoo
CrowdStrike (CRWD) Expands AWS Partnership to Power AI Security Solutions
CrowdStrike Holdings, Inc. (NASDAQ:CRWD) is one of the . On July 16, CrowdStrike announced an expanded collaboration with Amazon Web Services (AWS) to fast-track AI adoption in cybersecurity and secure AI use.

Under the collaboration, CrowdStrike's new tools, falcon-mcp, which is an MCP server for the CrowdStrike Falcon® platform, and CrowdStrike AI Red Team Services, are available under the new AI Agents and Tools category of AWS Marketplace. These tools will help AWS customers operationalize agentic AI workflow integrations, as well as safely test and protect AI systems within their existing AWS environment.

With AI adoption accelerating, offering realistic ways to connect models to real-time security operations has become a critical need. Trusted frameworks such as those from CrowdStrike can help companies power their security operations and protect the AI systems those operations depend on.

'Agentic AI is fundamentally changing business of all sizes across every industry – but only secure AI can safely scale to deliver long-term results. With these offerings now available in AWS Marketplace, CrowdStrike is giving customers the power to safely build, test, and run AI-driven security workflows using the same cybersecurity platform trusted to protect the world's most critical environments.' - Daniel Bernard, chief business officer, CrowdStrike.

CrowdStrike Holdings, Inc. (NASDAQ:CRWD) is a leader in AI-driven endpoint and cloud workload protection.

Disclosure: None.
Yahoo
18 hours ago
- Business
- Yahoo
Jim Cramer Notes CrowdStrike is 'Loved in the Industry'
CrowdStrike Holdings, Inc. (NASDAQ:CRWD) is one of the stocks on Jim Cramer's radar. During the episode, Cramer mentioned that he is impressed by the recovery of the company after last year's outages.

'It's hard to believe that it's been almost a year since CrowdStrike, the cybersecurity play that we owned for the Charitable Trust, accidentally caused widespread computer outages, the faulty file update, not a hack, like a file update that sent millions of systems offline, halting businesses across the globe. Now, fast forward today, though, and it's like the outage never happened. Not only is CrowdStrike stock up more than 135% from its post-outage lows, it's up almost 40% from where it was trading before the outage. That's because cybersecurity is essential, and this particular cybersecurity firm is incredibly well run and loved in the industry. I've never seen such a rapid executed turnaround.'

CrowdStrike (NASDAQ:CRWD) provides cloud-based cybersecurity solutions through a subscription model, protecting endpoints, identities, data, and workloads. The company's platform includes threat detection, security management, and AI-driven automation tools.

Disclosure: None. This article is originally published at Insider Monkey.


Business Wire
2 days ago
- Business
- Business Wire
CrowdStrike Named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for Sixth Consecutive Time
AUSTIN, Texas--(BUSINESS WIRE)-- CrowdStrike (NASDAQ: CRWD) today announced it has been named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms (EPP) [1] for the sixth consecutive time. For the third time in a row, CrowdStrike was positioned furthest right for Completeness of Vision and highest for Ability to Execute among all vendors evaluated.

The AI-native CrowdStrike Falcon® platform continues to define endpoint protection for the AI era, delivering industry-leading prevention, detection, and response. CrowdStrike's single-agent platform architecture meets growing customer demand to consolidate cybersecurity, unifying best-in-class endpoint, identity, cloud, data protection, and next-gen SIEM. With breakthrough agentic AI innovations, Falcon automates decisions and completes tasks to supercharge SOC personnel and accelerate security outcomes.

'As the pioneer of AI-native endpoint protection, CrowdStrike continues to lead the industry in delivering the outcome that matters most: stopping breaches,' said Elia Zaitsev, chief technology officer, CrowdStrike. 'The Falcon platform's unified architecture drives relentless innovation across the modern attack surface – consolidating point products, closing protection gaps, and simplifying operations. By wiring AI-driven automation into security workflows, Falcon autonomously makes critical decisions and drives real-time action, delivering the next evolution of AI-powered security operations. We believe this recognition validates Falcon as the platform of choice for modern cybersecurity.'

Cybersecurity's Platform Innovator for the AI Era

CrowdStrike continues to innovate its endpoint and platform capabilities to keep customers ahead of evolving threats and transform security operations.
The company recently unveiled File System Containment for endpoint, which prevents ransomware from spreading over the network via Windows Server Message Block (SMB) and stops mass encryption as early as possible. Agentic AI innovations – including Charlotte AI Agentic Detection Triage and Charlotte AI Agentic Response and Agentic Workflows – transcend 'ask-and-respond' co-pilots, delivering autonomous reasoning and action on first- and third-party data, without human prompts. Advancements in Falcon Cloud Security protect every layer of cloud risk – from AI models to runtime data. Falcon Data Protection innovations unify data security across endpoints, cloud, GenAI, and SaaS. Falcon Identity Protection now secures the entire identity attack lifecycle – from initial access to privilege escalation and lateral movement – across hybrid environments.

With every module managed from a single console, Falcon delivers AI-driven protection – trained on trillions of daily events and frontline intelligence – across the entire platform, without relying on stitched-together data or disconnected systems.

[2] In May 2025, CrowdStrike was named a Customers' Choice in the 2025 Gartner Peer Insights™ 'Voice of the Customer' for Endpoint Protection Platforms report, with the most 5-star ratings (450) of any Customers' Choice vendor.

To learn more about CrowdStrike's recognition in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms (EPP), please visit our website and read our blog.

1. Gartner, 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms (EPP), Evgeny Mirolyubov, Franz Hinner, Deepak Mishra, July 14, 2025
2. Gartner, Voice of the Customer for Endpoint Protection Platforms, Peer Editors, May 23, 2025

GARTNER is a registered trademark and service mark, Magic Quadrant and PEER INSIGHTS are a registered trademark, of Gartner Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences with the vendors listed on the platform, should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates.

About CrowdStrike

CrowdStrike (NASDAQ: CRWD), a global cybersecurity leader, has redefined modern security with the world's most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.

Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.

Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.

CrowdStrike: We stop breaches.

© 2025 CrowdStrike, Inc. All rights reserved. CrowdStrike and CrowdStrike Falcon are marks owned by CrowdStrike, Inc. and are registered in the United States and other countries. CrowdStrike owns other trademarks and service marks and may use the brands of third parties to identify their products and services.