Windows users around the world woke up to the “Blue Screen of Death” (BSOD) on Friday morning due to a glitch in a CrowdStrike software update. The bug caused outages around the world, bringing airlines, ships, hospitals and banks to a halt. But some are seeing opportunity in the rubble.
The global blackout is a perfect reminder of how dependent the world is on technological infrastructure. In the midst of the disaster, some venture capitalists are seeing an opportunity for new technologies to prevent something like this from ever happening again. In 2024, one buggy software update probably should not be able to take down many of the world's most critical computer systems. Some would say that startups and venture capital are there to innovate in the face of widespread problems.
While CrowdStrike's outage has caught the attention of cybersecurity firms, Reid Christian, general partner at CRV, said this wasn't a cybersecurity incident and that the real issue was a large vendor deploying software that wasn't properly tested, debugged or deployed in a staged rollout. CRV is an investor in Fleet, a cybersecurity and IT management startup that monitors vendor instances on endpoints.
It's not clear how effective additional mobile device management-type software like Fleet would have been for this particular CrowdStrike issue, which appears to have been caused by a flaw in a Windows kernel-level driver, software that installs at the deepest level on a computer. (Companies that used MDM software in addition to CrowdStrike also experienced BSODs.) But Christian points out that if you're going to give a software vendor that level of access and trust, you need more protections.
“You need people to monitor the monitors of the cyber world,” Christian said. “It's good to have a main vendor, but you also need ancillary vendors to support you.”
Fleet co-founder and CTO Zach Wasserman told TechCrunch that the security software runs outside the kernel so as not to compromise system stability.
While this wasn't a cybersecurity incident caused by malicious hackers, Friday's outage may have been so severe because CrowdStrike had unique access to the kernel, the core of the operating system. Guru Chahal of Lightspeed Venture Partners believes that outside-kernel cybersecurity applications such as Wiz may become more popular in the wake of this disaster.
“Once you allow access to the kernel (as in this case), these issues are hard to stop,” Chahal told TechCrunch in an email, “but they are definitely possible to circumvent with non-intrusive approaches, and companies like Wiz (cloud security) and Oligo Security (runtime security) have adopted these alternative approaches for this reason.”
Oligo Security makes security monitoring software for open source software that uses a sandbox rather than direct access to the kernel. Since this is a Windows issue, it couldn't have prevented this problem. But the sandbox approach might be something the Windows security industry would like to see more of.
Wiz, meanwhile, isn't celebrating its victory just yet. While buzz is building around the cybersecurity company as Google negotiates a $23 billion acquisition, Wiz board member Gili Raanan said Friday's events have increased pressure on everyone. He expects the entire security ecosystem will come under increased scrutiny of its products and deployments.
“It's not just a bad day for CrowdStrike, it's a bad day for everyone in cybersecurity,” Raanan said. “There are no winners or losers, only losers.”
Logan Allyn, founder of FinCapital, which invests in B2B financial services companies, believes Friday's outage has increased the need for cloud monitoring companies. Outside of cybersecurity, he said, companies are becoming more reliant on external APIs as they integrate AI solutions, making them more prone to buggy software updates like this one.
“We have companies in our portfolio that provide things like middleware to ensure that cybersecurity, cloud orchestration, API integrations between every packet of data that moves within the architecture don't break,” Allyn said.
While Friday's outage was shocking, venture capitalists like Allyn and Chahal predict it's just the beginning of the crumbling of an antiquated layer of infrastructure. Especially in older sectors like finance and healthcare, these outages highlight the need for modern technology.
“I think we'll see a lot of startups emerge that offer runtime security while avoiding the issues of staying in the kernel,” Chahal said.
Reporting by Marina Temkin.