A recent CrowdStrike update appears to be creating havoc on Windows devices across the world. According to reports, computers are experiencing issues and displaying a Blue Screen of Death (BSOD) error, preventing many businesses from operating.
The outage has affected several industries, including Sky News, which had to suspend transmission because of technical issues.
According to Microsoft, which has provided information on the matter, this global IT breakdown affected a staggering 8.5 million PCs globally. This is the first official statistic to come out of the tragedy, which might be seen as the most significant cyber event in history.
On Friday, a software upgrade triggered an unprecedented disruption, resulting in flight cancellations, disturbances for media groups and financial institutions, and impacts on medical facilities, retail stores, government buildings, and small businesses.
Australian banks, airlines, and TV broadcasters initially raised the alarm when thousands of computers began falling offline. Emergency services in the United States and Canada have also been disrupted.
CrowdStrike, a cybersecurity technology company located in Austin, Texas that is widely used by companies and government agencies running on Microsoft systems, Although a few services had returned to operation by Saturday, CrowdStrike CEO George Kurtz cautioned that it may take weeks for everything to fully recover.
According to its website, CrowdStrike counts around 60% of Fortune 500 businesses and more than half of the Fortune 1,000 among its customers. Leading IT organizations and eight of the top ten financial services corporations both employ its services.
Furthermore, six out of the top 10 companies in the industrial and healthcare sectors are served by CrowdStrike, highlighting the company’s significant position in these areas.
A faulty CrowdStrike update cause a global cybersecurity outage
CrowdStrike is one of the cybersecurity systems that automatically updates on a regular basis to fight new techniques that malicious hackers find. There’s always a chance, though, that software upgrades won’t work with other apps. Recently, CrowdStrike released an update that was supposed to be normal but included a technical fault.
This mistake has terrible impacts for Windows. A kernel-level driver upgrade, which CrowdStrike employs to protect Windows workstations, appears to be the primary problem.
George Kurtz, CEO of CrowdStrike, confirmed on X that a faulty update is to blame for the problem and that there hasn’t been a cyberattack:
CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack.
Cancellations of Flights and Interruptions to Businesses
Many significant organisations across multiple industries had already been impacted by the time the fix was announced. Numerous 911 emergency service nonprofit organisations, including those in New York (EMS, police, and fire department), Alaska, Arizona, and some regions of Canada, are said to have been disrupted by CrowdStrike’s upgrade.
According to an Illinois 911 operator, they were “working off of paper until things come back.” Authorities in Catalonia, Spain, have asked residents to contact 061 just in case of emergency due to the impact on the health hotline.
Many companies were affected in the United Kingdom. On Friday morning, train operators claimed cancellations to IT problems, while the London Stock Exchange stated that its regulatory news service had been suspended due to a “3rd party global technical issue”.
The Brandenburg Airport in Berlin, Europe, reported delays in passenger check-ins because to a “technical fault”. Aena, which oversees 46 airports in Spain, issued a warning about possible delays resulting from a computer system malfunction.
There were also delays and technical issues with some low-cost carriers in South Korea. One of Australia’s busiest airports, Sydney Airport, announced expected delays.
Kurtz said that impacted clients might get assistance from CrowdStrike professionals in a blog post published late on Friday. In addition, he issued a warning about fraudsters and hackers taking advantage of the situation.
Most applications and services have been restored through mitigating efforts; however, some users are still having trouble accessing Microsoft Teams and the Microsoft 365 admin center.
Cybersecurity experts and authorities worldwide have issued warnings about opportunistic hacking efforts related to the IT disruption due to the major outage. UK and Australian cyber authorities are advising people to be cautious when visiting websites, emails, or phone numbers that appear to be legitimate.
Secureworks researchers have observed a notable rise in domain registrations with CrowdStrike themes. To trick IT administrators or the general public into installing harmful software or disclosing personal information, hackers are developing new, official-looking websites.
Global cybersecurity companies recommend that IT responders obtain all their information and support from CrowdStrike’s official website.
At Phishing Tackle, we know all too well that security technology is often left incorrectly configured, demonstrated by our free Domain Spoofing Test which currently gets past around 50% of users security systems.
Security Awareness Training remains one of the most cost-effective methods of boosting cyber-security within your business. Have a look at our free Click-Prone® Test to find out how many of your staff are susceptible to a phishing attack and learn how you can reduce this number today.