CrowdStrike-Microsoft outage: Top 5 things to know
Early on Friday, a massive IT crash impacted almost all sectors globally, including aviation, public transport, stock markets and banks, corporates, media broadcasting and hospitality, with Windows systems everywhere throwing up the Blue Screen of Death error. Cybersecurity experts called it the biggest IT outage in history.
How were users affected?
Airports globally, from Singapore to Melbourne, were affected by drastic delays and sudden cancellations, with planes being temporarily grounded. A FlightAware tracker stated that over 21,000 flight delays had been reported. While United and Delta flights in the U.S. resumed later, disruptions could continue for several days since it's peak travel season.
In India, flights were majorly affected, with many cancellations and airlines resorting to issuing handwritten boarding passes. The Reserve Bank of India also reported smaller disruptions in 10 banks and NBFCs, while hospitals also had to switch to manual processes, as stated by an ANI report. Indian stock markets remained unaffected.
A Bloomberg report said that doctors at the UK’s National Health Service couldn’t access scans, blood tests and patient histories, with other medical facilities like the Memorial Sloan Kettering Cancer Center in New York and the Mass General Brigham in Boston reporting that their patient care had been impacted.
What happened?
An issue with U.S. cybersecurity software company CrowdStrike led to the widespread global issue. “This is not a security incident or cyberattack,” CrowdStrike CEO George Kurtz clarified on Friday. A defect had been found in a single content update for Windows hosts which was attributed later to the Falcon Sensor product, he added. The issue had come down to a bug in a single update causing the cascading effect.
CrowdStrike calls Falcon “the CrowdStrike platform purpose-built to stop breaches via a unified set of cloud-delivered technologies that prevent all types of attacks—including malware and much more.”
Microsoft said it had fixed the underlying cause for the outage of its 365 apps and services including Teams and OneDrive but there was residual impact still affecting some services.
Mac and Linux hosts remained unimpacted.
How did CrowdStrike & Microsoft respond?
In an official statement released a few hours ago, the company noted that the issue had been identified and isolated, and that a fix had been deployed. “We are referring customers to the support portal for the latest updates and will continue to provide complete and continuous public updates on our blog,” it noted.
They also stated that the issue did not affect CrowdStrike’s Falcon platform systems and assured users whose systems were operating normally that there had been no impact to their protection if the Falcon sensor was installed.
The blog also listed manual steps that affected users could take to reboot their systems. Companies could also follow instructions to automate these steps. While some systems could take a few hours to come back online, some others could take longer than expected.
Microsoft CEO Satya Nadella acknowledged the issue on X saying they were “actively collaborating with CrowdStrike and industry partners to guide our customers through the recovery process and restore their systems securely.”
What is the current status?
Indian civil aviation minister K Rammohan Naidu said that airlines had resumed usual operations since 3 am on Saturday. The aviation ministry was constantly monitoring the situation to ensure refunds and travel rearrangements were taken care of by airline companies.
Air India reported no cancellations on Saturday.
However, airports across the country, including Mumbai, Chennai and New Delhi, have continued to face technical glitches on Saturday, according to media reports.
In the U.S., United and Delta resumed on Friday, but disruptions could persist due to the peak travel season. U.S. Transportation Secretary Pete Buttigieg told Reuters that system issues were gradually resolving and transportation would be back to normal by Saturday.
What next?
Concerns have been raised around how ill-prepared most organisations were to fall back on a back-up in similar cases of a single failure in IT. Outages like this will happen again until contingencies and better back-ups are built into networks and organisations.
Companies are also advised to use a multi-cloud strategy so that if one goes down, others can support critical operations.
Ann Johnson, Microsoft’s head of security and compliance, told Reuters that while the scale of the outage was huge, it was hard to quantify because it just involved systems which were running on CrowdStrike’s protection. Meanwhile, the U.S. Cybersecurity and Infrastructure Security Agency said that it had been observing hackers to prevent any potential misuse of the outage for phishing and other malicious activities.
CrowdStrike’s shares closed 11% lower, while its rivals like Palo Alto Networks and SentinelOne closed 2% and 8% higher.