Summer-only sessions helped blunt CrowdStrike outage impact on US schools
K-12 school districts across the country were impacted in last week’s CrowdStrike-based IT outage, a person familiar says. The effects would have been much worse if school was in session.
Hundreds of U.S. school systems were likely impacted in last Friday’s CrowdStrike IT outage that crippled Windows computers around the world, according to a person with direct knowledge of the matter.
The outages were so severe that, if school districts were in full-time session outside of summer months, the incident would have likely caused prolonged countrywide school closures, said the person, who spoke on the condition of anonymity to be candid about the nature of the impact.
North Carolina had recently purchased a CrowdStrike license for its school systems, and faced a statewide school computer outage that affected administrators, IT staff and students in summer classes, said the person. Across the country, in Oregon, a major city’s public school systems were severely affected, with hundreds of computers having to be manually fixed one at a time, the person added.
At least one K-12 school software provider, PowerSchool, was impacted in the outages, according to the person.
“The recent CrowdStrike update for Windows caused a large-scale global outage, impacting some PowerSchool customers and other K-12 technology vendors,” the company confirmed in an email to Nextgov/FCW. “We promptly addressed and resolved all issues to restore full functionality.”
PowerSchool added it’s “conducting a review of our security tools, including CrowdStrike, to strengthen our resilience against future disruptions and enhance system availability and performance.”
“Since funding was allocated in 2021 for cybersecurity services, the North Carolina Department of Public Instruction has purchased CrowdStrike licenses for all servers and staff endpoints in all North Carolina Public School Units on an opt-in basis,” a spokesperson for North Carolina’s Department of Public Instruction said. “Like many organizations around the world, some public schools in North Carolina experienced outages, either in their systems or in the third-party systems they leverage.”
“Many third-party vendors were also impacted by this outage and the agency has been in constant communication with them as they restored their services and sought to mitigate the impact on school districts,” the spokesperson added.
CrowdStrike does not detail specifics of its business dealing with customers but its website says it services 43 out of 50 U.S. states. The company also has a web page showcasing cybersecurity offerings for educational institutions.
CrowdStrike and SentinelOne, a competitor, are contracted for a K-12 cybersecurity initiative with the Texas Education Agency. The State of Arizona also offers CrowdStrike as an option for schools. In 2021, the Center for Internet Security partnered with CrowdStrike to offer cybersecurity services for state and local governments.
“We understand the gravity and impact this situation has had, including on school systems. We’re genuinely sorry for the disruption. Our team is working nonstop to help get every system restored and operational,” a company spokesperson said.
A routine update deployed July 19 intended to enhance clients’ security capabilities clashed with a new cyberthreat classification framework rolled out in February, causing affected systems to crash, the company said Wednesday.
“I want to sincerely apologize directly to all of you for the outage. All of CrowdStrike understands the gravity and impact of the situation. We quickly identified the issue and deployed a fix, allowing us to focus diligently on restoring customer systems as our highest priority,” CEO George Kurtz said in a prepared statement detailing the company’s response plans.
A new process is in development to prevent similar errors in the future, CrowdStrike said in the incident review. The company will revamp the testing processes for Rapid Response Content that would include adding “additional validation checks” to a scanning system used to check for bugs in product code, it says.
The recent outage has already created secondary hacking opportunities being leveraged by cybercriminals, Nextgov/FCW reported Monday.