A faulty update to CrowdStrike’s Falcon Sensor caused a global IT outage on Microsoft systems Friday, causing international flights to be grounded, knocking banks offline and media outlets off air. Further compounding the situation, several states in the U.S. are reporting disruptions to emergency services.
AP reported that in Virginia, the City of Fairfax Police Department said on social media that it was experiencing technical difficulties with its phone systems, including 911. The department shared a non-emergency number for callers and said 911 could still be used, but calls would not go directly to the dispatch center. And in Iowa, the Marion County Sheriff’s Office warned on social media that phone lines were down. The department said that 911 calls might be routed to neighboring counties, but emergency calls would be promptly redirected to the sheriff’s office.
The bug has affected many stock exchanges, supermarkets, government services, and even hospital and healthcare systems. University Health Network, one of Canada’s largest hospital networks, said some of its systems had been impacted and some patients may experience delays.
Users are experiencing the Blue Screen of Death (BSOD) error, which is causing their systems to shut down or restart unexpectedly.
In a statement on X, CrowdStrike CEO George Kurtz said that the company is working with customers who have been impacted by a defect found in a single content update for Windows hosts, adding that Mac- and Linux-based systems have not been affected.
Emphasizing that the outage is not a security incident or cyberattack, he wrote: "The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website."
The company has a partnership with Amazon Web Services and its Falcon for Defender is designed to supplement Microsoft Defender to prevent attacks.
Maxine Holt, senior director, cybersecurity at Omdia said, “The global IT outage crisis is escalating, and organizations everywhere are in full scramble mode, desperately implementing workarounds to keep their businesses afloat. Omdia analysts connect the dots: this isn't a cyberattack, but it’s unquestionably a cybersecurity disaster. Omdia’s Cloud and Data Center analysts have long warned about over-reliance on cloud services. Today’s outages will make enterprises rethink moving mission-critical applications off-premises. The ripple effect is massive, hitting CrowdStrike, Microsoft, AWS, Azure, Google, and beyond. CrowdStrike's testing procedures will undoubtedly be scrutinized in the aftermath. For now, the outages continue to rise, and the tech world watches as the fallout unfolds.”
StickmanCyber CEO, Ajay Unni said, "IT security tools are all designed to ensure that companies can continue to operate in the worst-case scenario of a data breach, so to be the root cause of a global IT outage is an unmitigated disaster."
Matt Tuson, general manager of EMEA, LogicMonitor, added his comments to the growing concerns surrounding the outage. He said, "A global IT outage has far-reaching consequences, highlighting a huge reliance on IT infrastructure. From business operations to personal communications, connected technology is the backbone of modern society. Essential services such as banking, healthcare, and transportation face severe disruptions, leading to disarray and economic loss. There is also the societal impact. We rely on interconnected technologies for everyday tasks, including work, communication, education, and accessing information. So many of them link back to a single or a few particular vendors. An outage at their end leads to widespread frustration and can also hinder emergency response efforts, worsening any ongoing crises. A global IT outage, much like this one today, serves as a stark reminder of how deeply intertwined our lives are with digital connectivity and the urgent need to reinforce our IT systems against such vulnerabilities.”
Jim McGann, VP of strategic partnerships, Index Engines, blamed the quick push of defective software and worried about how vulnarable to attack our systems are. He said, "The outage is due to defective software that was quickly deployed to customers globally; software that is designed to keep organizations safe and secure in order to maintain critical operations such as transportation. However, this software failed, and the resulting chaos will have enormous impacts for days to come. This experience, although not a cyberattack, shows the bad actors how vulnerable our tech infrastructure is to disruption. Let’s hope this does not lay out a playbook for future ransomware attacks."
Ensuring network resilience across the entire IT stack is imperative to safeguard against such widespread disruptions in the future, Douglas Wadkins, VP at Opengear, urged.
"The scale of this incident is a stark reminder of the risks associated with a single point of failure. Identifying and mitigating single points of failure within an IT system is crucial for the level of continuity planning that could have kept systems up and running. Today it was an operating system issue; tomorrow it could be a network failure," Wadkins said. "When a software misconfiguration such as this happens, secure remote network access plays a vital role in swiftly addressing the issue and remediating it before the network goes down. The financial impact this will have cannot be overstated."