Business Standard

'Blue screen of death': Underlying cause of outage fixed, says Microsoft

CrowdStrike CEO George Kurtz said on social media platform X that a defect was found "in a single content update for Windows hosts" that affected Microsoft's customers and that a fix was being deployed

Berlin airport temporarily halted all flights on Friday due to the technical fault (Photo: Reuters)

Reuters
A worldwide tech outage crippled industries from travel to finance on Friday before services started coming back online after hours of disruption, highlighting the risks of a global shift towards digital, interconnected technologies.

A software update by global cybersecurity firm CrowdStrike appeared to have triggered systems problems that grounded flights, forced some broadcasters off air and left customers without access to services such as healthcare or banking.
 
U.S. President Joe Biden had been briefed on the outage, a White House official said.
 
CrowdStrike CEO George Kurtz said on social media platform X that a defect was found "in a single content update for Windows hosts" that affected Microsoft's customers and that a fix was being deployed.
 
 
Microsoft said later on Friday that the issue had been fixed.
 
"We're deeply sorry for the impact that we've caused to customers, to travellers, to anyone affected by this, including our company," Kurtz told NBC News' "Today" programme.
 
"Many of the customers are rebooting the system and it's coming up and it'll be operational," Kurtz said. "It could be some time for some systems that won't automatically recover."

CrowdStrike shares plunged as much as 14.5% shortly after the Wall Street open before paring losses to trade down 8.5%.
 
Its cyber rivals were up, with SentinelOne 3.6% higher and Palo Alto Networks up 1.7%.
 
Microsoft was down 0.2%.
 
"Earlier today, a Crowdstrike update was responsible for bringing down a number of Windows systems globally. We are actively supporting customers to assist in their recovery," Microsoft chief communications officer Frank Shaw said in a post on X.

But even as companies and institutions began restoring regular services, experts said the cyber outage revealed the risks of an increasingly online world.
 
"This is a very, very uncomfortable illustration of the fragility of the world's core Internet infrastructure," said Ciaran Martin, professor at Oxford University's Blavatnik School of Government and former head of the UK National Cyber Security Centre.

While the core problem appeared simple, which should make it short-lived, its immediate impact was remarkable, Martin said.
 
"I'm struggling to think of an outage at quite this scale."

Accelerated by the COVID-19 pandemic, governments and businesses alike have become increasingly dependent on a handful of interconnected technology companies over the past two decades, which explains why one software issue rippled far and wide.

 
Disruption
 
Early on Friday, major U.S. airlines - American Airlines, Delta Air Lines and United Airlines - grounded flights, while other carriers and airports around the world reported delays and disruptions.

Banks and financial services companies from Australia to India and Germany warned customers of disruptions and traders across markets spoke of problems executing transactions.
 
"We are having the mother of all global market outages," one trader said.
 
In Britain, booking systems used by doctors were offline, multiple reports posted on X by medical officials said, while Sky News, one of the country's major news broadcasters, was taken off air and apologised for being unable to transmit live.
 
Soccer club Manchester United said on X that it had to postpone a scheduled release of tickets.
 
Airports from Los Angeles to Singapore, Hong Kong, Amsterdam and Berlin said some airlines were having to check in passengers manually, causing delays.
 
Government agencies were also affected with the Dutch and United Arab Emirates' foreign ministries reporting some disruptions.
 
As the day progressed, more and more companies reported a return to normal service, including Spanish airport operator Aena, U.S. carriers American Airlines, Frontier and Spirit, Dubai International Airport operator and Australia's Commonwealth Bank.
 
U.S. Transportation Secretary Pete Buttigieg said transportation system issues appeared to be resolving and would hopefully be back to normal by Saturday, adding that the Federal Aviation Administration did not appear impacted.
 
LSEG Group also said its data and services were back up and running after an outage that caused some disruption across financial markets.
 
Still, industry experts weighed the potential impact for the sector of what one called the biggest ever IT outage.
 
"IT security tools are all designed to ensure that companies can continue to operate in the worst-case scenario of a data breach, so to be the root cause of a global IT outage is an unmitigated disaster," said Ajay Unni, CEO of StickmanCyber, one of Australia's largest cybersecurity services companies.
 
U.S.-based CrowdStrike, with a market value of about $83 billion, is among leading cybersecurity companies, counting more than 20,000 subscribers around the world, its website showed.


Everything, everywhere   
 
Airlines around the globe warned of delays and cancellations or switched to manual check-in, with some halting flights
 
Britain's Sky News resumed broadcasting after an hours-long outage, but operating at minimal capacity and without many of its usual services
 
FedEx said it faced substantial disruptions throughout its networks due to an outage experienced by a third-party software vendor
 
England's National Health Service (NHS) said bookings of doctors’ appointments and patient records were disrupted, but emergency services had not been affected
 
The Paris Olympics organising committee said the cyber outage was slowing its operations


What is CrowdStrike?

CrowdStrike offers cloud-based security solutions to businesses. Its Falcon tool identifies unusual behaviour and vulnerabilities to protect computer systems from threats such as malware.
 
Founded in 2011 and based in Austin, Texas, CrowdStrike operates in more than 170 countries. The US accounted for nearly 70 per cent of the more than $900 million in revenue it reported for the quarter ended April.

Some of the world's biggest tech companies including Alphabet's Google, Amazon and Intel are its customers. It has about 29,000 customers across the globe.

Its presence spans several sectors with clients including retail giant Target, Formula One and the US government.

Shares of CrowdStrike tumbled nearly 12 per cent in premarket trading on Friday.

What caused the cyber meltdown?
 

What happened?

According to an alert sent by CrowdStrike to its clients on Friday, its widely used “Falcon Sensor” software caused Microsoft Windows to crash and display a blue screen.

Why did it happen?

To protect computer networks from being breached by hackers, businesses use a cybersecurity product known as Endpoint Detection and Response, or EDR, which runs in the background of corporate machines. Firms like CrowdStrike are able to use their EDR products as early warning systems for potential digital attacks, scan for viruses, and prevent hackers from gaining unauthorised access to corporate networks. But, in this case, something in CrowdStrike’s code is conflicting with something in the code that makes Windows work, and causing those systems to crash, even after rebooting.

Who has been impacted?

The global tech outage has affected operations in different sectors internationally including at Spanish airports, US airlines, Indian airlines, Australian media and banks. In Britain, Sky News, one of the country’s major television news channels, was off air for hours on Friday before service was restored.

Microsoft

Completed our mitigation actions and our telemetry indicates all previously impacted Microsoft 365 apps and services have recovered, Microsoft said. On Azure Cloud it added, “Received reports of successful recovery from some customers attempting virtual machine restart operations”.

CrowdStrike
 
“We’re deeply sorry for the impact that we’ve caused to customers, to travellers, to anyone affected by this, including our company,” CrowdStrike CEO George Kurtz told NBC News. “Many of the customers are rebooting the system and it’s coming up and it’ll be operational,” he added.

First Published: Jul 19 2024 | 11:01 PM IST