On Thursday, July 18, a massive IT outage affecting airlines, hospitals, law enforcement, theme parks, and other businesses was “heard around the world,” setting off a tech frenzy that caused widespread issues in operations. By the early morning hours of Friday, July 19, the overwhelming impacts of the tech glitch were apparent, resulting in grounded flights, commuter delays, canceled non-emergency surgeries and procedures, interrupted broadcasts, downed cash registers, and more.
Oddly, it wasn’t a cyberattack or other security incident that led to the global IT crisis. In an ironic turn of events, a cybersecurity firm is behind what has been termed “the world’s biggest IT outage.” A security software update gone wrong plunged the tech realm into chaos. Leading cybersecurity company CrowdStrike delivered this faulty update. According to NBC News, “[CrowdStrike] is used by many of the world’s Fortune 500 companies, including major global banks, healthcare, and energy companies.”
The cybersecurity vendor differentiates itself from other cyber firms with its “endpoint security” approach. This approach uses cloud technology to protect devices connected to the internet versus a more traditional approach of applying the same cyber protection to backend server systems. CrowdStrike’s Falcon product was the culprit, and Windows operating systems took the hit. CrowdStrike acknowledged fault, with CEO George Kurtz issuing a public apology. Kurtz stated that the update “had a software bug in it” that caused an issue with the Microsoft operating system. Mac and Linux operating systems were not impacted.
Microsoft VP of Enterprise and OS Security David Weston released a statement on Saturday, July 20, stating that while the percentage of Windows machines affected was small (less than one percent), “the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services.” Weston was referring to the estimated 8.5 million Windows devices afflicted by the botched software update, leaving users staring at a blue error screen, often called the “blue screen of death,” rendering PCs useless until the issue is fixed.
The effects of the major disruption were catastrophic, resulting in 9,650 canceled flights over the weekend, according to news reports. Just over a quarter of those cancellations (2,619) occurred as late as Sunday. US airline Delta suffered the biggest losses. Additionally, Alaska State Troopers announced a statewide dismantling of 911 and nonemergency phone contact. Even as companies are coming back online, the impacts may linger.
CrowdStrike is also facing negative impacts. By Monday, July 22, CrowdStrike stock fell 11.5% and it’s been downgraded to “hold from buy” by Guggenheim and BTIG. Additionally, Oppenheimer removed the cybersecurity firm from its “2024 Top Picks” list. Checking back in on Tuesday, July 23, „…it’s now down more than 30% from it’s all-time high hit earlier this month.“ The failed update debacle is currently driving up business for competitors, with SentinelOne seeing a 20% gain in its stock since Friday. Business and market analysts suspect that there may be liability claims to come out of this, too, with customers seeking compensation for damages.
Microsoft blames EU rules for its part in the outage, claiming that a 2009 agreement with the European Commission restricted them from making any security changes that would’ve blocked the flawed update. The software giant is referring to an agreement meant to encourage competition and consumer choice by eliminating the company’s unfair advantage in the marketplace, particularly as a web browser. Similarly, Apple has concerns over the future safety of iPhones as another European law called the Digital Markets Act is forcing the tech company “to allow alternative app stores and web browser engines” on its popular devices.
CrowdStrike released a fix for the major IT disruption, but for many computer systems it was too late, requiring manual resolution for restoration of services. SVP and CIO of Oxford Global Resources Carol Riegert said, “Every impacted business is going to need help on the restoration. It is not something that will get resolved by the vendors. If the computers have already been impacted, it requires manual intervention on each impacted system.”
Riegert concluded, “This was a real test for business continuity and disaster recovery across the globe. Emergency preparation in the world of cloud apps has changed BC/DR testing and planning and should be re-evaluated to ensure cloud app recovery is part of the recovery plan.”