A botched update from CrowdStrike caused a massive global outage on Friday, hitting around 8.5 million Windows devices, according to a Microsoft blog post. The update led to blue screens of death, bringing down systems at hospitals, airlines, banks, and other major services. Only Windows machines were affected.
Although most of the issues were fixed by Friday afternoon, Microsoft and CrowdStrike are still dealing with the aftermath. In a Saturday blog post, Microsoft’s VP of Enterprise and OS Security, David Weston, said they’re working with CrowdStrike to create a scalable solution to speed up the fix using Microsoft’s Azure infrastructure. They’ve also roped in help from Amazon Web Services (AWS) and Google Cloud Platform (GCP).
CrowdStrike explained in their own blog that the update, meant to target new cyberattack methods, ended up causing a logic error and OS crashes on Windows 7.11 and above with CrowdStrike’s Falcon sensor. Despite the chaos, they noted that less than one percent of all Windows machines were affected. CrowdStrike said a significant number of the over 8.5 million devices affected from Friday’s botched software update are back online.
The outage led to over 1,500 cancelled flights in the US and dozens more across the UK for the third day in a row, leaving passengers stranded across airports. Hospitals, GPs, pharmacies, banks, supermarkets and millions of businesses have also been impacted.
The British Medical Association (BMA) has warned that normal GP services “cannot be resumed immediately” following Friday’s global IT outage, which caused a “considerable backlog.” The doctors’ trade union stated that GPs will “need time to catch up from lost work over the weekend” and urged NHS England to “inform patients” about the situation.
The BMA’s GP committee will continue discussions with NHS England and patient record system supplier EMIS to secure a “better system of IT backup” to prevent such a “disaster” from happening again.
A global IT outage is “likely” to occur again unless governments and industry work together to “design out” technological flaws, a leading cyber expert has said. Professor Ciaran Martin, the former chief executive of the National Cyber Security Centre (NCSC), said “the worst” of the global IT outage was over but countries would “have to learn to cope” with future flaws. The founding chief executive of the NCSC told Sky News: “The worst of this is over because the nature of the crisis was such that it went very badly wrong, very quickly. It was spotted quite quickly and, essentially, it was turned off.”
What would really happen if we faced a complete tech wipeout?
Power outages and internet disruptions are a hot topic right now, as a global Windows glitch has taken much of the world’s infrastructure offline. Flights are grounded, and TV channels like Sky News are off the air. Banks, payment companies, airlines, and train services are all experiencing delays and technical issues due to a flawed software update from cybersecurity firm CrowdStrike.
Former Deputy Prime Minister Oliver Dowden has previously warned about the need to prepare for prolonged disruption during a cyberattack. Although George Kurtz, founder and CEO of CrowdStrike, clarified that this outage wasn’t a cyberattack, it has certainly made us think.
