A global technology outage caused by a faulty update from cybersecurity firm CrowdStrike Holdings Inc. had wide-ranging effects on Friday, including for its stock.
The Nasdaq-traded stock saw a steep decline of more than 15% as soon as trading began, which it clawed back to 11.1% by the end of the trading day as the company worked to resolve the issue that grounded flights, disrupted hospitals and backed up border crossings in Canada, among other impacts.
In posts on the social platform X, CrowdStrike CEO George Kurtz apologized for the outage.
He said it was not due to a security incident or cyberattack, but rather a flawed content update deployed to computers running Microsoft Windows.
“We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption,” Kurtz wrote.
“The issue has been identified, isolated and a fix has been deployed.”
Frank X. Shaw, a spokesperson for Microsoft, also took to X to say the tech company was “actively supporting customers to assist in their recovery.” Microsoft’s stock was down 0.7%.
Asset managers in Canada who invest in CrowdStrike watched closely on Friday as the incident unfolded.
Raj Lala, president and CEO of Evolve Funds Group Inc. in Toronto, did not express significant concern. CrowdStrike is the second-largest holding in the Evolve Cyber Security Index Fund (TSX: CYBR), with 8% weight.
“Historically, the cybersecurity sector has demonstrated resilience, often rebounding quickly after sharp selloffs. In addition, CrowdStrike’s CEO has come forth saying the issue was not a security-related incident or cyberattack,” Lala told Investment Executive Friday afternoon.
“We believe the current event could [have] a short-term impact on share prices. In fact, CrowdStrike’s share price has already started to recover.”
Further, Lala said CYBR offers “a diversified strategy that mitigates this exact type of concentration risk.”
Despite CrowdStrike shares being down in value, shares of cybersecurity firm Palo Alto Networks, which is the fund’s largest holding at 8.4%, were up Friday, Lala said.
“In fact, 12 out of CYBR’s 39 holdings are positive, highlighting the importance of diversification,” he added.
CrowdStrike is a massive player in the cybersecurity sector. It’s used by airlines, banks, hospitals and other organizations to protect their computer systems from hackers and data breaches.
But those same organizations felt the ramifications of its faulty content update Friday, which one cybersecurity expert said could be behind the “the largest IT outage in history.”
“This is basically what we were all worried about with Y2K, except it’s actually happened this time,” Australian cybersecurity consultant Troy Hunt wrote on X.
Gregory Falco, an assistant professor of engineering at Cornell University, told the Associated Press that the widespread tech outage is a result of organizations relying on the same few companies for their IT infrastructure.
“What really causes this mess is that we rely on very few companies, and everybody uses the same folks, so everyone goes down at the same time,” Falco told the wire agency.
Lala said this incident “emphasizes the type of widescale impact a breach could cause and, by extension, the necessity of cybersecurity solutions in protecting infrastructure, businesses and individuals.”
“We believe the fundamentals of the cybersecurity industry remain strong, and the long-term investment thesis is intact. The recent drop in share prices may present a compelling entry point for long-term investors,” he said.
With files from The Associated Press and The Canadian Press