Is the CrowdStrike-Microsoft outage the 'largest' in history?
One of the biggest IT crashes happened early on Friday, and almost all the sectors, including the financial sector (stock market, banks and NBFCs), public transport, aviation, corporates, media broadcasting and hospitality were impacted by the global outage.
Microsoft Chairman and CEO Satya Nadella said late Friday that CrowdStrike released an update that began impacting IT systems globally on July 18. "We are aware of this issue and are working closely with CrowdStrike and across the industry to provide customers technical guidance and support to safely bring their systems back online," he posted on X.
Is this a cyberattack? How did the outage happen? Why is Microsoft in the news? What is CrowdStrike? What did the Indian government say about the IT outage? And why is the "blue screen of death" trending? When will the issue be fixed? And can we call it the “largest” IT outage in history? Here's all you need to know about the global outage on July 19.
Cybersecurity researcher Troy Hunt said in a post on X, "I don't think it's too early to call it: this will be the largest IT outage in history." He was quoted by CNBC as saying, "Ongoing tech disruption is set to be the largest IT outage in history." Meanwhile, an opinion piece on Sky news.com read, “It's possible we are looking at the largest IT outage in history.”
"This is not a security incident or cyberattack," CrowdStrike CEO George Kurtz clarified on Friday. He said there was "a defect found in a single content update for [Microsoft] Windows hosts". CrowdStrike acknowledged the issue on its support page, attributing it to its "Falcon sensor."
The issue impacted computers running the Windows operating system and CrowdStrike software.
Kurtz told NBC's Today Show in the US that the problem was down to a bug in a single update. As per the Guardian, he said there had been a "negative interaction" between the update and Microsoft's operating system, which had then caused computers to crash, sparking the global outage, which remains ongoing.
The founder and chief executive of the cybersecurity firm CrowdStrike wrote on X, "Mac and Linux hosts are not impacted...The issue has been identified, isolated and a fix has been deployed."
The global tech outage was tied to Microsoft's Azure cloud platform and the software issue at CrowdStrike.
Cybersecurity firm CrowdStrike offers cloud-based security solutions to businesses. The company's social media account's bio read, "The first cloud-native platform that protects endpoints and cloud workloads, identity & data."
Its Falcon tool - one of the reasons for Friday's outage - identifies unusual behaviour and vulnerabilities to protect computer systems from threats such as malware.
The company was founded in 2011 and is based in Austin, Texas. It operates in more than 170 countries and employed more than 7,900 people as of January, Reuters reported. The US accounted for nearly 70 per cent of the more than $900 million in revenue it reported for the quarter ended April.
The recent update to CrowdStrike Falcon Sensor software led to an issue with Microsoft Windows 365 Cloud PCs. CrowdStrike's "Falcon Sensor" software was causing Microsoft Windows to crash and display a blue screen, according to an alert sent by CrowdStrike earlier to its clients and reviewed by Reuters.
Microsoft said it had fixed the underlying cause for the outage of its 365 apps and services including Teams and OneDrive, but residual impact affected some services.
As stated in the previous question, the issue stemmed from a defect found in a single content update for Microsoft Windows hosts, Kurtz said, adding Mac and Linux hosts were not impacted by the issue.
As Microsoft Windows crashed for several users across the world, their computer/laptop screens turned blue with a message from Microsoft. Reacting to this, social media was flooded with memes, with people calling it the "Blue screen of death" (BSoD).
How to fix your blue screen?
To get rid of the Blue Screen error, one must boot Windows into Safe Mode or the Windows Recovery Environment. Here's how to do it:
2) Go to C:\Windows\System32\drivers\CrowdStrike directory
3) Find the file with the name "C-00000291*.sys" and delete it
4) Boot Windows normally
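Steps 2 and 3 as a PowerShell sketch for a machine already booted into Safe Mode. This is an added example, not code from CrowdStrike, Microsoft or the original article; the function name is hypothetical, and the directory and file pattern are the ones given in the steps above. It reports each matching file and supports a dry run before anything is deleted.

```powershell
# Added example: hypothetical helper, run from an elevated prompt in Safe Mode.
function Remove-CrowdStrikeFileByPattern {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param(
        # Directory from step 2; change the drive letter if Windows is mounted elsewhere.
        [string]$DriverDir = 'C:\Windows\System32\drivers\CrowdStrike',
        # File name pattern from step 3.
        [string]$Pattern   = 'C-00000291*.sys'
    )

    if (-not (Test-Path -LiteralPath $DriverDir -PathType Container)) {
        Write-Warning "Directory not found: $DriverDir"
        return
    }

    # -Filter restricts the match to this one directory; no recursion.
    $files = @(Get-ChildItem -LiteralPath $DriverDir -Filter $Pattern -File -Force)
    if ($files.Count -eq 0) {
        Write-Warning "No file matching '$Pattern' in $DriverDir; nothing to delete."
        return
    }

    foreach ($file in $files) {
        $removed = $false
        # ShouldProcess honours -WhatIf and -Confirm, so a dry run deletes nothing.
        if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete file')) {
            Remove-Item -LiteralPath $file.FullName -Force -ErrorAction Stop
            $removed = -not (Test-Path -LiteralPath $file.FullName)
        }
        # One record per matching file, for the remediation log.
        [pscustomobject]@{
            Path         = $file.FullName
            SizeBytes    = $file.Length
            LastWriteUtc = $file.LastWriteTimeUtc
            Removed      = $removed
        }
    }
}

# Dry run first: lists the matching files without deleting anything.
Remove-CrowdStrikeFileByPattern -WhatIf
# Then delete (prompts once per file because ConfirmImpact is High):
# Remove-CrowdStrikeFileByPattern
```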
Chief Information Officer at identity security firm CyberArk, Omer Grossman, told Reuters that even with the fix being implemented by CrowdStrike, some of the problems caused will likely take time to fix. He said the reason for this is that the problem has to do with Endpoint Detection and Response (EDR) products that run on individual client computers.
"It turns out that because the endpoints have crashed — the Blue Screen of Death — they cannot be updated remotely and the problem must be solved manually, endpoint by endpoint. This is expected to be a process that will take days," Grossman was quoted by CBS News as saying.
Ashwini Vaishnaw, the Minister for Information & Broadcasting, Electronics & Information Technology, posted on X that the ministry is in touch with Microsoft and its associates regarding the global outage.
"The reason for this outage has been identified and updates have been released to resolve the issue," he added. He further stated that the Indian Computer Emergency Response Team (CERT) is issuing a technical advisory. He added that the National Informatics Centre (NIC) "network is not affected".
Experts said the cyber outage revealed the risks of an increasingly online world. They said governments and businesses alike have become increasingly dependent on a handful of interconnected technology companies over the past two decades, a trend accelerated by the COVID-19 pandemic.
To protect their computer networks from being breached by hackers, many businesses use a cybersecurity product known as Endpoint Detection and Response, or EDR, which runs in the background of corporate machines, or "endpoints".
Firms like CrowdStrike are able to use their EDR products as early warning systems for potential digital attacks, scan for viruses, and prevent hackers from gaining unauthorised access to corporate networks.
But, in this case, something in CrowdStrike's code is conflicting with something in the code that makes Windows work, and causing those systems to crash, even after rebooting.
"With the move to the cloud and with companies like CrowdStrike owning huge market shares, their software is running on millions of computers around the world," said Card.
1. In India, shares of stock broking firms, including Angel One and 5paisa Capital, declined on Friday as several traders faced operational disruptions. Meanwhile, bankers from Hong Kong and Dubai to South Africa and London were caught up in the global IT outage, leaving some unable to log on to computer systems and hobbling others from making trades.
2. Airports and airlines around the globe warned of delays and cancellations or switched to manual check-in, with some halting flights. In India, IndiGo cancelled over 200 flights, while other airlines such as SpiceJet, Air India, Air India Express and Vistara issued advisories to the passengers.
3. The financial sector across the globe was also severely impacted. The Reserve Bank of India (RBI) said the outage in Microsoft Services impacted 10 banks and NBFCs with minor disruptions, which have either been resolved or are being resolved.
"Critical systems of most banks are not in cloud and further, only a few banks are using the CrowdStrike tool. Our assessment shows that only 10 banks and NBFCs had minor disruptions which have either been resolved or are being resolved," the RBI said in a statement.
4. Health systems around the world cancelled procedures and resorted to using handwritten records, Bloomberg reported. England's National Health Service (NHS) said bookings of doctors' appointments and patient records were disrupted, but emergency services had not been affected.
5. Britain's Sky News resumed broadcasting after an hours-long outage, but operating at minimal capacity and without many of its usual services. Meanwhile, Australia's state broadcaster ABC said it was experiencing a "major network outage", without giving a reason.