Claroty Products Remain Secure During Global Outage; Guidance for Customers

In light of the ongoing global outage linked to a faulty CrowdStrike update for Windows computers, Claroty would like to assure our customers and partners that our products and services are not directly impacted. 

Many of us awoke this morning to the news that a faulty content update for CrowdStrike Falcon Sensor was the root cause of the global outage. The defective update was for Windows machines only, the company said, adding that Mac and Linux hosts were not impacted. 

CrowdStrike CEO George Kurtz stressed in a post to X (formerly Twitter) that the outage was not the result of a security incident or cyberattack. He added that CrowdStrike has identified the update in question and rolled it back. A fix is being deployed to agents on affected computers which have experienced crashes and a Blue Screen of Death (BSOD) error. The company has published a statement that it says will be updated throughout the incident. 

The impact from this outage, meanwhile, has been significant. Some states report that emergency services, including 911, are offline. Most airlines have grounded flights for the time being, stranding passengers in airports. Some banks and financial institutions are offline, and customers cannot make payments or use ATMs. Hospitals are reporting delays and cancellations; Reuters reports that some hospitals are canceling elective surgeries, and appointment systems are impacted. 

Claroty, meanwhile, wants to assure its customers that our products are not affected and continue to operate securely and without disruption. Comprehensive assessments have confirmed there is no impact on the security or functionality of our offerings and we have taken proactive measures to ensure all our systems remain safe. 

For xDome customers looking to identify devices with CrowdStrike Falcon, please follow these steps:

1. Navigate to the Devices Table

2. Add the Endpoint Security and OS columns

3. Filter the Endpoint Security column and search for "CrowdStrike Falcon"

4. Filter the OS column to search for Windows-based devices

For xDome for Healthcare (formerly Medigate) customers looking to identify devices with CrowdStrike Falcon, please follow these steps:

1. Navigate to the Devices Table.

2. Add the Endpoint Security and OS columns.

3. Filter the Endpoint Security column and search for "CrowdStrike Falcon".

4. Filter the OS column to search for Windows-based devices.

For Claroty CTD customers looking to identify devices with CrowdStrike Falcon, please follow these steps: 

1. Navigate to the assets table

2. Select "Advanced Filters"

3. For "Filter Name" select "Installed Program".  For "Action" select "Include".  For "Filter Value" input "Crowdstrike"

4. Select "Add Filter"

We also understand that many of our customers may have systems or services that have been impacted by the outage, which could indirectly impact the services provided by Claroty. We will continue to monitor the situation, and we are available to offer support to mitigate any potential disruption. 

Our support team, backed up by our world-class research team, Team82, is committed to helping assess or address any indirect impacts from this outage. If you have any questions, our support teams are available to industrial, commercial, and public sector customers at support@claroty.com, and to healthcare customers at healthcare-support@claroty.com.