CrowdSrike, an $83 billion cybersecurity firm with more than 20,000 subscribers globally including Amazon.com, Microsoft among others saw a global outage that triggered systems lapses at various global firms and grounded over 5,000 flights.
The outage, caused by a software update also shut down systems of various of its customers in the banking, broadcast, airlines, shipping, healthcare and finance causing delays in processes and transactions, dropped medical appointments and customer orders among others.
According to CrowdStrike CEO George Kurtz, posting on X, the defect was found “in a single content update for Windows hosts” that affected over 8 million Microsoft customers among others.
President Joe Biden was briefed on the outage and the U.S. Cybersecurity and Infrastructure Security Agency were monitoring the outage. U.S. Customs and Border Protection experienced processing delays and digital billboards at Times Square blacked-out. The Dutch and United Arab Emirates’ foreign missions also reported disruptions.
CrowdStrike’s outage has made many industry analysts to questions the preparedness of firms to implement emergency plans during outages on such a big scale and how the market should be controlled. The analysts argue that as the world goes heavily into IT, they need to put in place systems to implement contingency plans when systems go down because such outages will happen again.
“This incident demonstrates the interconnected nature of our broad ecosystem — global cloud providers, software platforms, security vendors and other software vendors, and customers. It’s also a reminder of how important it is for all of us across the tech ecosystem to prioritize operating with safe deployment and disaster recovery using the mechanisms that exist,” said said David Weston – Vice President, Enterprise and OS Security. “As we’ve seen over the last two days, we learn, recover and move forward most effectively when we collaborate and work together. We appreciate the cooperation and collaboration of our entire sector, and we will continue to update with learnings and next steps.”
According to reports, out of more than 110,000 scheduled commercial flights on Friday, 5,000 were canceled globally and some airports had delays as they were checking in passengers with handwritten boarding passes. Banks, hospitals and call centers were also affected.
The CrowdStrike affected nearly 8.5 million Microsoft devices, which is less than one percent of all Windows machines and it was working with CrowdStrike to resolve the issue.
While software updates may occasionally cause disturbances, significant incidents like the CrowdStrike event are infrequent. We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices, or less than one percent of all Windows machines. While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services,” said Microsoft in a blogpost adding that it has maintained ongoing communication with its customers, CrowdStrike and external developers to collect information and expedite solutions.
“We recognize the disruption this problem has caused for businesses and in the daily routines of many individuals. Our focus is providing customers with technical guidance and support to safely bring disrupted systems back online,” added Microsoft.