Crowdstrike IT outage insured losses could reach $1.5bn after worldwide chaos

The global IT outage linked to Crowdstrike could cost the cyber insurance industry as much as $1.5 billion.

CyberCube, a specialist modelling firm for cyber risks and exposures, has estimated that it could have cost between $400 million and $1.5 billion for the standalone cyber insurance market.

This represents a loss ratio impact of somewhere between 3 per and 10 per cent on global cyber premiums of $15 billion.

While the fallout is still becoming clearer , CyberCube have saif that a loss of this scale could make the CrowdStrike incident the largest single insured loss event ever in the cyber insurance sector.

CrowdStrike is blaming a bug in an update that allowed its cybersecurity systems to push bad data out to millions of customer computers, setting off last week’s global tech outage that grounded flights, took TV broadcasts off air and disrupted banks, hospitals and retailers.

'I'm trapped at the airport due to CrowdStrike Microsoft outage — inside my nightmare journey home'

Did Crowdstrike FONT change on software design cause global IT meltdown?

CrowdStrike also outlined measures it will take to prevent the problem from recurring, including staggering the rollout of updates, giving customers more control over when and where they occur, and providing more details about the updates that it plans.

The company on Wednesday posted details online from its “preliminary post incident review ” of the outage, which caused chaos for the many businesses that pay for the cybersecurity firm’s software services.

The problem involved an “undetected error” in the content-configuration update for its Falcon platform affecting Windows machines, the Texas-based company said.

“The faulty CrowdStrike Falcon Sensor update and subsequent outage – the CrowdOut Event – would represent a loss ratio impact of roughly 3-10% on global cyber premiums of $15 billion today,” CyberCube said in a recent report

The firm continued, “Based on CyberCube’s current estimates, the event represents a loss somewhere between the 1-in-2 and the 1-in-6-year industry loss return periods, according to the company’s cyber catastrophe model and industry exposure database.”

A bug in the content-validation system allowed “problematic content data” to be deployed to CrowdStrike’s customers. That triggered an “unexpected exception” that caused a Windows operating system crash, the company said.

As part of the new prevention measures, CrowdStrike said it’s also beefing up internal testing as well as putting in place “a new check” to stop “this type of problematic content” from being deployed again.

CrowdStrike has said a “significant number” of the approximately 8.5 million computers that crashed on Friday are back in operation as customers and regulators await a more detailed explanation of what went wrong.

Once its investigation is complete, CrowdStrike said it will publicly release its full analysis of the meltdown.