Businesses across the globe have been — and some still are — grappling with significant IT outages, with many Windows machines displaying the notorious “blue screen of death” (BSOD).
According to Wired, the disruptions began early Friday in Australia and quickly spread to the U.K., India, Germany, the Netherlands, and the United States. Among the affected organizations are banks, airports, TV stations, healthcare facilities, hotels, and numerous other businesses.
The cybersecurity firm CrowdStrike has identified a misconfigured or corrupted update as the root cause of these widespread outages. This revelation has sparked discussions about the resilience of cloud services and the critical role of cybersecurity products in ensuring operational continuity.
Cause and Response
CrowdStrike, a major player in the cybersecurity industry, confirmed the issue in a statement by CEO George Kurtz. Kurtz explained that a defect in a content update for Windows hosts caused the outages, but he ruled out the possibility of a cyberattack. “This is not a security incident or cyberattack,” Kurtz stated. “The issue has been identified and isolated, and a fix has been deployed.” He emphasized that Mac and Linux hosts were not impacted by the update.
Engineers from CrowdStrike posted on the company’s Reddit forum, acknowledging widespread reports of BSODs on Windows hosts. They provided a workaround for affected systems and issued instructions to their customers.
According to TechCrunch, CrowdStrike’s Falcon Sensor, part of its suite of security tools, was identified as the problematic component. This cloud-based security service is designed for real-time threat detection, simplified management, and proactive threat hunting.
Microsoft also responded to the situation. A spokesperson confirmed to TechCrunch that the company was aware of the problems linked to Windows devices and believed a resolution was forthcoming. At the same time, Microsoft was dealing with its own unrelated outage of its Azure cloud services, adding another layer of complexity to the situation.
Sector-specific Impact
The outages have had severe repercussions across various sectors.
“I don’t think it’s too early to call it: this will be the largest IT outage in history,” posted Troy Hunt, an Australian security consultant who monitors the situation.
U.S. Government
The outage has significantly impacted several U.S. federal agencies, causing widespread disruptions, FedScoop reports.
According to the Department of Homeland Security, they, along with the Cybersecurity and Infrastructure Security Agency (CISA), are collaborating with CrowdStrike, Microsoft, and other partners to address the system outages.
President Biden has been briefed and is in communication with CrowdStrike and affected entities, according to the outlet.
The Social Security Administration, Justice Department, and Department of Veterans Affairs have reported various operational challenges, while the Federal Aviation Administration and Department of Energy are closely monitoring the situation. The Department of Education has restored its services, and the Nuclear Regulatory Commission reported normal operations.
In 2021, CISA enlisted CrowdStrike to enhance cybersecurity for federal civilian agencies, according to the report.
Healthcare
In the healthcare industry, hospitals and emergency services have reported significant issues with Windows-linked systems, including the 911 emergency alert system, in several states.
Massachusetts General Hospital and NHS hospitals in the U.K. reported significant disruptions, major delays in patient care, and the rescheduling of non-emergency procedures.
Germany’s University Hospital Schleswig-Holstein had to cancel non-urgent surgeries at two locations. In Israel, more than a dozen hospitals, as well as pharmacies, were impacted, leading to ambulances being rerouted to unaffected medical organizations.
Air Travel
Airports worldwide faced long queues and delays. More than 1,400 flights were canceled in America alone, with nearly 9,000 flights delayed, according to a Reuters report. Major U.S. airlines, including Delta, United, and American, issued ground stops on Friday morning.
However, according to Reuters, American Airlines later announced that it had resumed operations, and both Frontier and Spirit also lifted their directives to ground planes. Still, delays and cancellations are expected to persist throughout the day.
In Europe, airlines such as British Airways and German flagship carrier Lufthansa faced severe IT failures, which affected their check-in systems, flight scheduling, and customer-service operations, nearly paralyzing European air travel. Air travel in India, Australia, and New Zealand was also disrupted.
Major Chinese airlines, such as Beijing Capital International Airport and several major Chinese airlines, including Air China, China Southern Airlines, and Hainan Airlines, said that their flights were unaffected by the ongoing global IT outages due to their use of different systems.
Stock Exchange
In the U.K., the London Stock Exchange reported disruptions. In addition to that, the French CAC 40, German DAX, Spanish IBEX 35, Dutch AEX, OMX Stockholm 30, and Swiss SMI exchanges were all down, according to Sky News.
Officials at the New York Stock Exchange and Nasdaq reported Friday morning that both markets are fully operational.
Banks
Many banking operations were affected. Reportedly, VISA is experiencing issues, mainly with payments and website functionality. TD Bank is also facing problems, with most user reports concerning mobile banking, followed by online banking and login difficulties. Other banks reporting potential issues include Bank of America, Chase, and Wells Fargo.
Other Businesses
According to DownDetector, a website that monitors and reports real-time issues and outages for various services and websites, businesses that were impacted include Google, Amazon, Microsoft, Facebook, UPS, Walmart, Verizon, AT&T, T-Mobile, SNAP ABT, and many others.
“Not just everywhere, but every*one* (nearly). This is massive,” posted Hunt along with the DownDetector screenshot.
Dependence on IT
The incident that sent shockwaves around the globe underscores the critical dependence on IT and software systems and the vulnerabilities associated with third-party updates.
Cybersecurity expert Kevin Beaumont pointed out that the faulty update caused repeated Windows crashes. Beaumont noted that the improperly formatted update file led to system failures, suggesting manual reboots might be required to restore functionality, potentially taking hours or days.
Lukasz Olejnik highlighted the financial implications, with potential losses in millions as organizations halted operations. He said, according to Wired,
“It reminds us about our dependence on IT and software,” Olejnik says. “When a system has several software systems maintained by various vendors, this is equivalent to placing trust in them. They may be a single point of failure — like here, when various firms feel the impact.”
According to TechCrunch, CrowdStrike serves nearly 60 percent of Fortune 500 companies and more than half of Fortune 1,000 companies. Its services are utilized by eight of the top 10 financial-services firms and an equal number of leading tech companies. Additionally, it has a significant presence in the healthcare and manufacturing sectors, supporting six and seven of the top 10 companies in those industries, respectively.
According to investigative journalist Whitney Webb, the company is a part of the Global Cyber Alliance, “part of the WEF-led effort to force you to adopt digital ID for internet access in order to stop ‘cybercrime’.”
CrowdStrike’s co-founder, Dmitri Alperovitch, is closely connected with the U.S. government and intelligence communities. He is currently serving as a Member of the Homeland Security Advisory Council, among many other roles, detailed by the National Security Institute.
As of Friday early afternoon, EDT, a major part of the outages had been resolved.
