Airport blues: Passengers grounded by Microsoft-CrowdStrike outage

Author

Kiruthika RAMANATHAN, Singapore Management UniversityFollow
Rafael J. BARROS, Singapore Management UniversityFollow
Thomas LIM, Singapore Management UniversityFollow

Publication Type

Case

Publication Date

12-2024

Abstract

On July 19, 2024, CrowdStrike, one of the largest players in the global endpoint detection and response software market, pushed a single configuration file as an update to its Falcon Sensor program. This program is commonly used by Microsoft enterprise computers running on the Windows platform. The file update was meant to enable Falcon to detect if hackers were using novel ways to hack end-user machines, but it caused a logic error that led to computers crashing around the world.

Students are asked to put themselves in the shoes of an Information Technology (IT) Support Technician at Singapore’s Changi Airport Group (CAG), who has been sent to assist the ground crew of Kuaifei, an airline operating at the airport. They will need to analyse how the incident was discovered, mitigated, managed, and communicated.

This case is intended for use in an enterprise solutions management course in an information systems undergraduate programme. Students should be able to achieve the following learning objectives: apply ITIL (Information Technology Infrastructure Library) incident management frameworks to analyse large-scale IT outages, and understand key ITIL incident management stages; evaluate technical root cause analysis; and design incident response protocols for mission-critical systems.

Keyword(s)

Root Cause Analysis, IT Security Management, Cybersecurity, Process Management, Service Delivery, Enterprise Computing

Discipline

Management Information Systems

Research Areas

Intelligent Systems and Optimization

Data Source

Published Sources

Industry

Airline Industry

Geographic Coverage

Singapore

Temporal Coverage

2024

Education Level

Executive Education; Postgraduate; Undergraduate

Publisher

Singapore Management University

Case ID

SMU-24-0029

Comments

For purchase of the case and supplementary materials via The CMP Shop, please access the following link:

• The Case (SMU-24-0029)

The links to purchase the case and supplementary materials on The Case Centre and Harvard Business Publishing is available via The CMP Shop.

SMU Faculty/Staff can download the case and supplementary materials on iNet with your SMU login ID and Password via The CMP Shop

Additional URL

https://cmp-shop.smu.edu.sg/products/airport-blues-passengers-grounded-by-microsoft-crowdstrike-outage?variant=42392972492842