Those were my beginning days as a SOC Analyst at Deloitte USI. It was an ordinary working day on Friday the 19th July 2024.
Around 10AM, it all started when one fellow analyst complained about a sudden BSOD while working. We thought there was some issue with his device.
But then another device got the same issue. Both of their laptops got stuck in a reboot loop. The next one to show the BSOD was mine.
But unlike the previous two devices, my laptop recovered from it after the restart. More laptops started BSODing. By then, I knew something serious was going on.
Maybe someone hacked Deloitte? But I didn't know then that the whole world was affected by this. Analysts started experiencing the same thing over the next few hours.
Even though most systems recovered after the reboot, other services like Deloitte VPN stopped working. A post on Reddit about BSOD due to CrowdStrike Falcon Sensors started gaining traction.
That post made me realize how big the issue was. It affected the whole world. The CrowdStrike Falcon Sensor update was the culprit.