CrowdStrike shares slide as IT disruption continues

Shares in cybersecurity firm CrowdStrike have plunged more than 13% as the company reckons with the aftermath of causing a global IT outage.

Chief security officer Shawn Henry said the incident had been a “gut punch” for the firm, which had previously been one of the most trusted names in the industry.

“We let down the very people we committed to protect, and to say we’re devastated is a huge understatement,“ he said.

Many businesses are still recovering after a faulty “content update” last week crashed 8.5 million Microsoft Windows computers around the world.

The issue has required manual reboots in some cases.

Mr Henry, a former FBI executive assistant director, said the weekend had been “the most challenging 48 hours” of his 12 years at the company.

He promised it would use the incident as an opportunity to “emerge better and stronger than ever”.

“The confidence we built in drips over the years was lost in buckets within hours, and it was a gut punch,” he said in a LinkedIn post on Monday.

“But this pales in comparison to the pain we’ve caused our customers and our partners.”

Delta Airlines, one of the most affected firms, had cancelled more than 4,000 flights since Friday, including more than 800 on Monday, according to outside tracking firm, Flight Aware.

That was far more than any other airline.

Delta on Monday said more than half of its IT systems were Windows-based and required manual repair. It said the software it uses to direct staffing for flights was requiring the most time and manual support to fix.

“We’ve got everyone around the company working around the clock to get this operation where it needs to be,” Delta boss Ed Bastian said in a video message to employees on Monday.

A day earlier, he apologised to customers, as US Transportation Secretary Pete Buttigieg warned the government had received complaints about “continued disruptions and unacceptable customer service” at the firm.

Other entities, such as the UK’s National Health Service, have said their systems were operating more normally.

Speaking to the House of Commons on Monday, Cabinet Office Minister Ellie Reeves said that the majority of sectors affected by the CrowdStrike bug had mostly recovered, including aviation, railroads, and maritime systems.

But she warned that some “minor disruption” would continue, including at the NHS.

She added that the government would work with the National Cyber Security Centre and other partners “to review the lessons learned”.

The incident showed how dependent the modern world is on “complex and interconnected IT systems and how essential preparedness for such events is”, the minister told MPs.

Founded in 2011, CrowdStrike boasts some 29,000 customers around the world, including government agencies in the US and UK and some of the world’s biggest companies.

Shares in the firm were up nearly 40% this year before the incident hit.

It said on Sunday that “a significant number” of devices that were impacted by a global IT outage on Friday were back online.

But the hit to CrowdStrike shares on Monday followed an 11% drop on Friday, reflecting the severity of the incident. The firm’s share price ended trading at less than $264, down more than 13%.

Some investors are betting that the firm’s rivals will benefit from its current struggles, which have exposed the world’s dependence on one big player, drawing attention from anti-monopoly regulators.

Sentinel One, for example, saw shares surge more than 8% on Monday.

Analysts said despite the current damage to CrowdStrike’s shares, they did not foresee long-term damage to the business.

“The reality is despite CrowdStrike’s epic failure last week, there are few alternatives to CrowdStrike and the switching costs are high,” Gene Munster, managing partner at Deepwater Asset Management, which is known for its tech investments, wrote on social media.

“In other words, when the company reports its July quarter late in August, I expect the commentary to suggest unknowns about near-term customer retention. That said, I expect there will be few customer defections long-term.”

Wedbush Securities analyst Dan Ives said it would be critical for CrowdStrike to resolve its issues this week.

“This will take some time to settle down but does not change our positive long term view of CrowdStrike or the cyber security sector,” he wrote in a note on Monday.

Reporting contributed by Chris Vallance