Businesses across the globe have suffered, and some are still suffering, from major IT outages with many Windows machines experiencing the infamous “Blue Screen of Death” (BSOD).
According to Wired, the disruptions began in Australia early Friday morning and quickly spread to the UK, India, Germany, the Netherlands and the US. Affected organisations include banks, airports, television stations, medical facilities, hotels and many other businesses.
Cybersecurity firm CrowdStrike identified misconfigurations and corrupted updates as the root cause of these widespread outages, a discovery that has sparked debate about the resiliency of cloud services and the critical role of cybersecurity products in ensuring operational continuity.
Causes and Solutions
CrowdStrike, a major cybersecurity company, acknowledged the issue in a statement from CEO George Kurtz. Kurtz explained that a flaw in a content update for Windows hosts was the cause of the outage, but denied the possibility of a cyberattack. “This is not a security incident or a cyberattack,” Kurtz said. “The issue was identified, isolated, and a fix has been deployed.” He emphasized that Mac and Linux hosts were not affected by the update.
CrowdStrike engineers posted on the company's Reddit forum acknowledging widespread reports of BSODs on Windows hosts, and offered workarounds for affected systems and instructions for customers.
According to TechCrunch, the problematic component identified is Falcon Sensor, part of CrowdStrike's suite of security tools. The cloud-based security service is designed for real-time threat detection, simplified management and proactive threat hunting.
Microsoft has also responded to the situation. A spokesperson confirmed to TechCrunch that the company is aware of the issue related to Windows devices and believes a solution is coming soon. At the same time, Microsoft was also dealing with an unrelated outage in its Azure cloud service, further complicating the situation.
Sector-specific impacts
The outage had serious effects on many sectors.
“I don't think it's too early to tell – this will be the biggest IT outage in history,” posted Troy Hunt, an Australian security consultant who is monitoring the situation.
U.S. Government
The outage significantly affected multiple federal government agencies in the United States, causing widespread disruption, FedScoop reported.
The Department of Homeland Security said it, along with the Cybersecurity and Infrastructure Security Agency (CISA), is working with CrowdStrike, Microsoft and other partners to address the outage.
The media outlet said President Biden has been briefed and is in contact with CrowdStrike and affected organizations.
The Social Security Administration, Department of Justice and Department of Veterans Affairs reported a range of operational challenges. The Federal Aviation Administration and Department of Energy are closely monitoring the situation, the Department of Education has restored services, and the Nuclear Regulatory Commission reported normal operations.
According to the report, in 2021, CISA hired CrowdStrike to bolster cybersecurity for federal civilian agencies.
Health care
In the healthcare industry, hospitals and emergency services in several states are reporting significant issues with Windows-enabled systems, including 911 emergency alert systems.
Massachusetts General Hospital and NHS hospitals in the UK reported significant disruption, significant delays in patient care and rescheduling of non-emergency procedures.
Germany's Schleswig-Holstein University Hospital was forced to cancel non-urgent surgeries at two locations, and in Israel more than a dozen hospitals and pharmacies were affected, with ambulances being diverted to unaffected medical facilities.
Air travel
Long lines and delays occurred at airports around the world. Reuters reported that more than 1,400 flights were canceled and nearly 9,000 were delayed in the United States alone. Major U.S. airlines, including Delta, United and American, issued grounding orders on Friday morning.
However, American Airlines later said it had resumed service, and Frontier and Spirit Airlines also lifted orders to ground their planes, according to Reuters, but delays and cancellations are still expected to continue throughout the day.
In Europe, airlines including British Airways and German flagship Lufthansa suffered severe IT outages that affected check-in systems, flight schedules and customer service operations, bringing air travel in Europe to a near standstill. Air travel in India, Australia and New Zealand was also disrupted.
Beijing Capital International Airport and several major Chinese carriers, including Air China, China Southern Airlines and Hainan Airlines, said their flights were not affected by the ongoing global IT outage as they use different systems.
Stock Exchange
In the UK, the London Stock Exchange reported turmoil, along with France's CAC 40, Germany's DAX, Spain's IBEX 35, the Netherlands' AEX, OMX Stockholm 30 and Switzerland's SMI exchange, which all fell, according to Sky News.
Officials with the New York Stock Exchange and Nasdaq announced Friday morning that both markets were fully operational.
Banks
Many banking services were affected. Visa is reportedly having issues mainly with payments and website functionality. TD Bank is also experiencing issues, with the majority of user reports relating to mobile banking, followed by online banking and login issues. Other banks reporting potential issues include Bank of America, Chase, and Wells Fargo.
Other Businesses
According to DownDetector, a website that monitors and reports issues and outages for various services and websites in real time, affected companies include Google, Amazon, Microsoft, Facebook, UPS, Walmart, Verizon, AT&T, T-Mobile, SNAP ABT, and many more.
“Not everywhere, but just about everyone. This is massive,” Hunt posted along with a screenshot of Downdetector.
Dependence on IT
The incident, which sent shock waves around the world, highlights the critical dependency on IT and software systems and the vulnerabilities associated with third-party updates.
Cybersecurity expert Kevin Beaumont noted that faulty updates have caused Windows to crash multiple times, with improperly formatted update files causing system failures that could require manual reboots to restore functionality, a process that could take hours or even days.
Lukasz Olejnik highlighted the financial impact, noting that organizations could lose millions of dollars if they halt operations. According to Wired, he said:
“This brings to mind IT and software dependency,” Olejnik says. “When your system is made up of multiple software systems maintained by different vendors, this equates to trusting the vendors. These vendors can become single points of failure, as they have here, with different companies affected.”
According to TechCrunch, CrowdStrike serves approximately 60% of the Fortune 500 and more than half of the Fortune 1,000. The company's services are used by eight of the top 10 financial services companies and an equal number of leading technology companies. Additionally, the company has a strong presence in the healthcare and manufacturing sectors, supporting six and seven of the top 10 companies in those industries, respectively.
According to investigative journalist Whitney Webb, the company is part of the Global Cyber Alliance, “part of a WEF-led effort to enforce digital identity for internet access and thwart cybercrime.”
CrowdStrike co-founder Dmitri Alperovitch has close ties to the US government and intelligence community. He currently serves as a member of the Homeland Security Advisory Council, among many other roles detailed by the National Security Institute.
As of early afternoon EDT Friday, the majority of the outages had been resolved.