一次大规模信息技术故障在全球各地造成巨大影响，也为美国网络安全龙头CrowdStrike的股价带来重创。 受微软“蓝屏事件”影响，当地时间7月19日，CrowdStrike美股收跌11%，报每股304.96美元，市值一夜蒸发近百亿美元，创2022年以来最差单日表现。该公司当前市值约740亿美元。 由于系统崩溃，从18日开始，全球从银行到零售巨头再到医疗保健系统在内的各类客户系统纷纷陷入瘫痪。分析机构Marsh & McLennan Companies称，超过75家客户可能会因为CrowdStrike全球性崩溃事件而提出网络故障索赔。Marsh & McLennan Companies主要为企业提供风险、战略和人力资本方面的咨询和解决方案服务。 不过，到美国市场开市时，一切开始恢复正常。 纽约证券交易所和纳斯达克均表示，市场运作正常。 美国银行和高盛等美国主要银行表示，其系统或业务并未受到重大影响。 Wedbush证券的分析师Dan Ives则认为，这次事件将对CrowdStrike造成显著的负面影响，同时可能让其竞争对手有机会在市场上获取更多的份额。“这显然是对CrowdStrike的重大打击，它必须在未来几周和几个月里采取有效措施，以恢复客户和市场的信任。”Dan Ives说。 此次全球宕机事件的起因被归咎于微软的技术更新，导致大范围的计算机系统失效。虽然这次事件并非由于黑客攻击或网络安全漏洞引起，但其规模和影响力不可小觑。CrowdStrike作为一家顶尖的网络安全公司，本应在这种情况下保障客户系统的稳定，然而，这次事件却暴露了其在应对全球性技术更新方面的不足。

Many companies around the world have been affected,
Musk was angry! "Fire the machine room"!

网络安全公司CrowdStrike软件更新存在漏洞，造成微软Windows系统崩溃，以致多国IT系统中断，进而导致欧美多国航班停飞和市场陷入混乱。 伦敦证券交易所集团称，其Workspace新闻和数据平台、货币现货和远期价格受到了“第三方全球技术问题”导致的中断的影响。伦交所集团旗下富时罗素相关发言人表示，其实时平台受到了影响，导致客户无法访问和接收数据。 欧洲能源交易所表示，使用Trayport电力和天然气交易平台的客户在交易时遇到了问题，原因是第三方服务提供商的基础设施问题。 日内多家欧洲航空公司和机场均遭遇航班延误和中断，欧洲最繁忙的机场之一阿姆斯特丹史基浦机场承认受到了影响，而西班牙国家航空公司则表示，在电子值机柜台和网上值机恢复之前，机场被迫采取人工操作。 航班跟踪网站FlightAware称，截至美东时间周五上午，全球已有超过27000个航班延误，2800个航班取消。 据央视新闻报道，美国超2000架次航班停飞。根据航班跟踪网站Flight Aware的信息，截至美国东部时间当日中午，已有超过2000架次美国境内、入境或出境美国的航班被取消，超5300架次航班延误。包括美联航在内的多家航空公司表示，航班陆续恢复正常，但截至19日中午，仍然有相当数量的航班延误或者被取消。 此外，美国联合包裹运送服务公司(UPS)和联邦快递 (FedEx)表示，尽管其航空公司在正常运营，但由于电脑系统出现故障快递仍有可能会出现延误。其中，达美航空表示，周五已取消1200个航班，周末可能还会有更多航班延误和取消。 包括特斯拉、星巴克、埃克森美孚等在内的企业也公开表示受到了影响。星巴克称，第三方系统出现广泛的故障，导致移动预订和支付功能暂时中断，正在处理相关问题。埃克森美孚则表示，全球网络故障影响了公司部分的信息系统。 马斯克在社交平台上表示，将直接在（特斯拉）所有系统中全部删掉CrowdStrike的软件，并且附上了一张“火烧CrowdStrike机房”的AI生成图片。 他随后补充道，“不幸的是，我们的许多供应商和物流公司都在使用它。 ” 据《商业内幕》（Business Insider）日内援引熟悉内情的消息人士的话报道，特斯拉因全球IT故障而停止了得克萨斯州和内华达州的部分生产线。 媒体援引特斯拉内部邮件称，特斯拉周五上午告诉员工，Windows主机、服务器、笔记本电脑和生产设备出现故障，用户在设备上看到蓝屏。

A "nuclear bomb-level" cybersecurity incident

From the company's background, CrowdStrike was founded in 2011. Its main product is the Falcon platform, which uses artificial intelligence and machine learning technology to detect, prevent and respond to cyber threats. It is understood that the Falcon platform has a market share of 17.7% in the field of terminal security, and 271 of the top 500 companies are its customers. Known for its ability to detect and defend against advanced cyber attacks, the company's software is used by some of the largest cloud service company providers, including Microsoft, Amazon, AWS, and major global banking, health care and energy companies to help them detect and block hacker threats. According to CrowdStrike's IDC Endpoint Security Market Share Report, it ranks first among 26 vendors. In the fourth quarter of fiscal 2024, annual recurring revenue (ARR) from the company's identity protection business exceeded US$300 million, more than doubling year-on-year. But like other cybersecurity products, CrowdStrike's software requires deeper access to the computer's operating system to scan for threats. This blue screen incident crashed because the software code update released by CrowdStrike incorrectly interacted with the Windows system. George Kurtz, co-founder and CEO of CrowdStrike, acknowledged the problem in his latest response and said fixes had been deployed.:"CrowdStrike is actively working with affected customers to resolve flaws in a single content update discovered on Windows hosts. Mac and Linux hosts are not affected by this. This is not a security incident or a cyber attack." George Kurtz said. But this blue screen has affected nearly ten million devices using Windows and involves a large amount of critical infrastructure. It can be called a nuclear bomb-level cyber security incident.

Competitors are expected to benefit

In the global cybersecurity war, competitors respond quickly and are expected to benefit from it. U.S. cybersecurity stocks collectively rose before the market on Friday, with Palo Alto Networks up 4.4%, Zscaler up 2.6%, Fortinet up 2% and Sentinel One up 6.8%. As of Friday's close of U.S. stocks, Sentinel One was up 7.85%, and Palo Alto Networks was up 2.16%. Analysis pointed out that this is because the market believes that these companies can win new customers and increase market share from this incident. In the long run, maintaining competitive advantages in the field of cybersecurity depends not only on technological advantages, but also on effective crisis management capabilities. CrowdStrike has built strong brand awareness and broad market penetration, but this incident will test its overall ability to respond to major technical challenges. Bruce Zhang, founder of Siyuan, a cybersecurity business research and analysis organization, told First Finance that CrowdStrike is the leading security company in the United States, but it can still erupt with such a large-scale impact. To some extent, this belongs to the supply chain. Security incidents, for security construction, we must not only do a good job in ourselves, but also do a good job in security management of the supply chain. He also told reporters that this incident means that the terminal is a weak link in security protection that cannot be ignored. Whether this escalation crisis or the frequent outbreaks of extortion, many of them start from the terminal. Moreover, the terminal affects every user, and the social impact is often particularly large.