July 23, 2024 | By Josh Nadeau

On Friday, July 19, 2024, nearly 8.5 million Microsoft devices were affected by a faulty system update, causing a major outage of businesses and services worldwide. This equates to nearly 1% of all Microsoft systems globally and has led to significant disruptions to airlines, police departments, banks, hospitals, emergency call centers and hundreds of thousands of other private and public businesses.

What caused this outage in Microsoft systems?

The global outage of specific Microsoft-enabled systems and servers was isolated to a faulty software update released by CrowdStrike, one of the largest independent cybersecurity companies with nearly 30,000 subscribers worldwide.

With the majority of these subscribers automatically pushing new security updates as they become available, all impacted systems were put into a BSOD (Blue Screen of Death) state. This triggered an infinite boot cycle of the operating system: each time the operating system attempts to restart, it encounters the same error, and the process repeats indefinitely, leaving the systems unable to boot correctly.

On July 19, CrowdStrike’s CEO George Kurtz announced on X that the company is “actively working with customers impacted by a defect found in a single content update for Windows hosts.” He also confirmed that “This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.”

What has been the aftermath of this incident?

Even though this CrowdStrike event only affected less than 1% of all Microsoft-enabled systems, the aftermath so far has been significant.

One of the largest industries impacted by the major outages caused by this faulty update has been air travel. On Friday, more than 3,300 flights had already been canceled around the globe. In the United States, three major airlines (Delta, American and United) all grounded their flights for several hours, causing a significant backlog of customer and commercial travel. Airports in Tokyo, Amsterdam and Delhi were also impacted, and the disruption created major issues in other international locations.

Banking institutions were also significantly disrupted by system outages that impacted everything from ATMs to mobile banking applications and call centers. Even more critical has been the impact on essential emergency services such as hospitals and 911 dispatch teams.

Massachusetts General Hospital released the following statement regarding the impact of the outage on its operations: “A major worldwide software outage has affected many of our systems at Mass General Brigham, as well as many major businesses across the country. Due to the severity of this issue, all previously scheduled non-urgent surgeries, procedures and medical visits are canceled today.”

The ongoing aftermath of this situation has demonstrated how reliant we are on an interconnected ecosystem of technology and services.

How is this issue being resolved?

As George Kurtz mentioned in his statement on X, CrowdStrike has already fixed the issue on its end and is actively working with its customers to fully resolve the problem. However, in an interview on the TODAY show on NBC, he also stated, “It could be some time for some systems that just automatically won’t recover.”

Many IT experts agree with this statement and claim it could take several days for larger organizations to get their systems back to normal operation. The problem lies in the BSOD issues that are being created. This means that while CrowdStrike has “pushed” an automatic update to users on its end, many customers will be unable to fully reboot their systems and so won’t be able to receive and install the update.

CrowdStrike has published manual remediation actions for IT administrators to follow in the event they can’t see an automatic recovery from the issue. These actions involve booting an operating system into “safe mode,” making modifications to the installed drivers and rebooting again safely.

While the company has been clear that it has a permanent fix for this issue, it will take time for IT administrators to gain manual access to remote servers and systems running Microsoft operating systems so they’re able to address these issues.

Unfortunately, the damage has already been done. The ripple effects of the significant economic impact caused by this event continue to spread, with early estimates of the total associated losses nearing $1 billion.
