Worldwide IT Outage Not Cyber Attack - But Software Update

Reports point to a faulty channel file in CrowdStrike Falcon as the cause, with Windows systems which had it installed being the ones hit
The global IT outage that is being described as one of the biggest ever is thankfully not being attributed to a cyber attack, but rather a software update

A global IT outage that has put hundreds of businesses and essential services out of action has been confirmed as originating from software company CrowdStrike, with the company stressing it's not the result of a cyber attack, but of an update pushed out by the company reacting badly with Microsoft's Windows operating system.

Company CEO George Kurtz says: "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts... The issue has been identified, isolated and a fix has been deployed."

CrowdStrike is a global, market-leading company that specialises in cloud-native endpoint protection, threat intelligence, and cyberattack response services, with its flagship product, Falcon, providing protection against sophisticated attacks that traditional malware-based defences struggle to combat. 

Initial reports suggest that a faulty channel file in CrowdStrike Falcon is the cause, with Windows systems that had it installed being the ones affected.

“Sometimes such incidents are caused by unintentional mistakes when updating software. Sometimes it is the result of a cyberattack. But the irony is that cybersecurity companies are also part of the supply chain, and those same companies that are fighting to establish cyber resilience may too become victims themselves," Chris Dimitriadis, Chief Global Strategy Officer, ISACA said following the incident. 

To detect signs of attack, Falcon has to monitor computers in a lot of detail, so it has access to a lot of the internal systems. This includes what communications computers are sending over the internet as well as what programs are running, what files are being opened, and much more. It is believed this is why the software has had such an impact on systems, causing what is known as the 'Blue Screen of Death'.

Issues have been reported in multiple countries, including India, the Netherlands, the United States, the United Kingdom, New Zealand and Japan, among others.

Impact of outage

Outages of this scale can have immense consequences. In a post-pandemic, digitally-reliant world, an incident like this demonstrates the far-reaching impact of what can happen if essential technology fails.

In the UK alone, train companies and the National Health Service (NHS) are experiencing widespread IT issues, which are inevitably causing delays to services. In other parts of the world, American Airlines confirmed this morning that its flights are grounded on account of the IT problems, citing an issue with CrowdStrike cybersecurity software.

The organising committee for the Paris Olympics has also confirmed its IT operations are impacted, a week before the games are due to commence.

These types of outages have not been uncommon recently: the blackout of the UK air traffic control systems in 2023 is an earlier example of what can happen in the event of a total system failure.

In addition, the impact of such significant cyber events should not be understated within the healthcare sector. In June 2024, some London hospitals encountered an overwhelming ransomware attack linked to Synnovis, a provider of pathology services, that wreaked havoc on clinical services and led to significant cancellations.

Scope of services affected

Those that can access digital services have been quick to comment on the enormity of the outage. Australian computer expert Troy Hunt, who created the HaveIBeenPwned website, posted on X: “I don’t think it’s too early to call it: this will be the largest IT outage in history.

“The financial impact of this is already hard to fathom.”

Reports suggest that networks and services have been impacted around the world after an update to software provided by CrowdStrike reportedly caused issues with computers running Windows. As a result, Tom Kidwell, co-founder of Ecliptic Dynamics and former British Army intelligence specialist, says that the problem could be “nauseating to fix”.

“Due to the nature of the update, an individual from every organisation will need to boot into safemode, remove the issue file/driver, and then either roll back or update to a new version, something CrowdStrike will need to release very quickly,” he states.

“Incidents like this highlight the vulnerability in using a single supplier on such a vast scale, and why it’s critical that organisations have a backup plan. Best practice for vendors is to pressure test any updates before rollout, however this can be difficult when you serve 60-90% of the world.”

Disruption on such a large scale is not to be understated. As the level of cyberattacks continues to rise each year, businesses are being advised to ensure their data is protected and their systems are robust enough to withstand an outage or even a breach.

“This disaster is one of the starkest ever reminders of just how powerful cyber and software could be if used as a weapon,” writes Deborah Haynes, Security and Defence Editor for Sky News. “While this outage does not appear to have been caused deliberately, it underlines the fragility of the modern world to technology given that most areas of life rely on some form of computer systems and lines of code.

“It means, the way of life of people in nations, across continents and around the globe can be brought to a halt - or at the very least inconvenienced - by a single faulty piece of software.”

Technology Magazine is a BizClik brand