Microsoft is scrambling to fix the ‘massive cyber event’ that caused computer meltdowns around the world on Friday.
Described as the ‘most serious IT outage the world has ever seen’, the outage has hit supermarkets, banks, telcos, streaming services and PCs.
Brits woke up to find Microsoft software and hardware affected, with airports, railways and GP surgeries also among those reporting problems.
It’s all due to a ‘buggy’ security update to Falcon, a type of antivirus software that protects Microsoft Windows devices from cyberattacks.
CrowdStrike – the company behind Falcon – is ‘actively working with customers’ who are affected, but insists it is ‘not a security incident or cyberattack’.
A ticket machine at the central London station that was showing up as out of service today due to the outage that bricked computers
Huge queues at Gatwick Airport after a massive Microsoft outage affected services, grounding flights and rendering big screens inoperable
WHAT HAPPENED?
On Friday, computers around the world started repeatedly crashing and displaying the ‘blue screen of death’.
While Australia was the first to feel the brunt of the outage, the UK and Europe are experiencing the chaos too, with Sky News and CBBC unable to broadcast live in the morning.
Departure boards at Gatwick and Edinburgh airports suddenly turned off, while NHS staff have described logging on to find non-clinical systems are down, meaning patients can’t book appointments.
Manchester United and Blackburn Rovers football clubs even tweeted to say their online ticketing systems are experiencing disruption, the latter describing it as ‘out of our control’.
Employees down under took to X/Twitter to celebrate being able to leave work early on a Friday because their PCs weren’t working.
US IT provider CrowdStrike admitted it was due to a defect in the ‘content update’ for its Falcon anti-virus software which crashed Microsoft Windows devices.
CrowdStrike has said a ‘fix has been deployed’ for the issue – but this could take days to manifest, so problems with Windows computers could be ongoing.
CrowdStrike CEO George Kurtz posted on X that the firm is ‘actively working with customers’ who are affected and said it is ‘not a security incident or cyberattack’
Computers around Australia were repeatedly crashing and displaying the ‘blue screen of death’. A blue error screen on a register is seen at a departmental store affected by a cyber outage in Brisbane, Australia, July 19, 2024
At least 48 Australian services suffered outages from Friday afternoon including supermarkets, banks, streaming services and work PCs
Other services affected include MyGov, NBN, Centrelink, ASX, and Australia Post, along with a number of social media and entertainment services including Netflix, Facebook, Instagram, X, Xbox, Google Cloud, OpenAI, Reddit, Nine, Foxtel, and the ABC
‘The near global outage appears to have been caused by a failure of systems associated with the CrowdStrike Falcon endpoint security monitoring software,’ explained Dr Mark Gregory, associate professor at RMIT University’s School of Engineering.
‘CrowdStrike is a global multi-national software solutions provider.
‘Many businesses and organisations have found that their software systems have failed due to the software system outage.
‘The reliance on centrally managed global software solutions can lead to significant security risks.’
IS IT A CYBER ATTACK?
Jake Moore, tech expert and security advisor at ESET, agreed it was likely a ‘technical fault’ from CrowdStrike, but we can’t rule out a cyberattack behind the scenes.
In the UK, Sky News is off air, while Britain’s biggest train company warned passengers to expect disruption because of ‘widespread IT issues’
Not in service: British railways warned passengers to expect delays because of the issue
‘At this moment it is more likely to be a huge technical fault but the fact it is possible is extremely worrying,’ Moore told MailOnline.
‘If anything, it would make threat actors take note of this particular outage and the potential damage it can cause.’
Professor Jill Slay, chair in cybersecurity at the University of South Australia, said at this stage it is ‘too early to draw conclusions’, but that an attack is not impossible.
‘While the outage may easily be a result of misconfiguration by one of these companies, or “interference” between products, the global impact is enormous,’ she said.
‘It is possible that there is a security breach, but to me, this is instinctively unlikely.’
Cyber expert Troy Hunt told Seven News the catastrophic crisis was not affecting all Microsoft Windows computers, but many of them.
NHS staff have described logging on to find non-clinical systems are down meaning patients can’t book appointments. This GP in Merseyside said it was unable to access any patient records
Mr Hunt said CrowdStrike creates anti-virus products that regularly update with new definitions of viruses.
‘They run in a very privileged space on the PC, which means they have a lot of control,’ he said.
‘It looks like they’ve pushed a bad update, which is presently nuking every machine that takes it.
‘It could be quite some time to get those machines back on time.’
Toby Murray, associate professor at the University of Melbourne’s School of Computing, agreed that CrowdStrike Falcon is a ‘pretty privileged piece of software’.
‘It is able to influence how the computers it is installed on behave,’ Professor Murray said.
‘If Falcon is suffering a malfunction then it could be causing a widespread outage for two reasons – one, Falcon is widely deployed on many computers, and two, because of Falcon’s privileged nature.’
WHAT IS CROWDSTRIKE?
The rogue app that brought down computers across the world is ironically aimed at protecting PCs from hackers.
CrowdStrike is a security service designed to stop internet breaches for the globe’s biggest companies, but is now responsible for perhaps the biggest IT outage we have ever seen.
Computer analysts believe a badly-written bit of code in the update triggered the catastrophe and wrecked computer networks worldwide.
CrowdStrike has confirmed a faulty update was responsible for sparking the chaos.
It said in a statement: ‘CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts.
‘Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.
‘We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.
‘We further recommend organisations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilised to ensure the security and stability of CrowdStrike customers.’
Sky said: ‘We apologise for the interruption to this broadcast. We hope to restore the transmission of Sky News shortly’
This 7-11 store in Australia was forced to close due to the ‘global technical error’
Microsoft 365 said: ‘Our services are still seeing continuous improvements while we continue to take mitigation actions.
‘We still expect that users will continue to see gradual relief as we continue to mitigate the issue.’
WHAT ARE THE WIDER IMPLICATIONS?
The episode highlights how ‘dependent on technology’ society now is.
‘Society is dependent upon technology and this is why we must have both technical and non-technical controls in place to protect us when issues arise, whether malicious or not,’ said Adam Pilton, senior cybersecurity consultant at CyberSmart.
Windows is the most used operating system in the world, meaning the outage is affecting almost every part of the global economy – with restaurants and cafes, including the bakery chain Gail’s, unable to take card payments
‘Social media is ablaze with users reporting that they are unable to work and one user on Reddit even stated they were commenting purely to be part of history on The day that CrowdStrike took out the internet!’
‘This is very much the point of why all businesses must plan and prepare. As we are seeing, a huge dependency on individual suppliers can take down supply chains.’
Mark Lloyd, business unit manager at IT support firm Axians UK, called the outage a ‘stark reminder’ of how dependent the world is on cloud services.
‘From productivity tools to critical infrastructure, a large chunk of technology runs on cloud platforms,’ Lloyd said.
‘This outage showcases the immense power and reach these services hold.
‘Even the biggest tech giants are not immune to disruptions, and the need for robust redundancy and disaster recovery plans across the board is more critical than ever in this day and age.’