Why it's taking time for companies to recover from the Crowdstrike IT outage
- Airlines, banks, and supermarkets face disruption due to an IT outage linked to Crowdstrike.
- Crowdstrike's CEO said the problem was not caused by a cyberattack and a fix had been deployed.
- Here's why it's taking so long for businesses to fix the issue.
Major airlines, banks, and supermarkets are experiencing widespread disruptions linked to an IT outage after Microsoft reported problems linked to an update issued by cybersecurity firm Crowdstrike.
CEO George Kurtz said on X post the outage was not caused by a cyberattack or security incident and that the issue "has been identified, isolated and a fix has been deployed."
He told NBC News that Crowdstrike was rebooting its operations but that "it could be some time for some systems — it [won't] just automatically recover."
James Bore, a cybersecurity expert and managing director of Bores Group, told Business Insider that the issue can't be fixed automatically and requires a manual reboot. That could take a significant amount of time if an organization has many PCs.
There are several reasons that businesses might experience delays in returning to normal even though the underlying issue has been resolved.
Professor Feng Li, associate dean of research and innovation at Bayes Business School, told BI that one potential delay could be due to businesses bringing their systems back online carefully to ensure there are no lingering problems.
That means checks and manual interventions, which can be time-consuming. "The scale of the outage means that the sheer number of individual systems, endpoints, and data affected is massive. Each client's configuration might differ, requiring tailored approaches to restore," he said.
Many businesses still run Windows on physical PCs for everyday operations, while it also operates in cloud environments through services like Windows Virtual Desktop.
Li notes that this could result in further delays. "This dual usage can sometimes lead to confusion during recovery phases, as fixes might need to be applied differently in cloud versus traditional environments."
The recovery time might also be extended by companies taking extra precautionary measures so that they can be confident they are not exposed to other vulnerabilities during the reboot process, he added.
Microsoft and Crowdstrike didn't immediately respond to requests for comment from Business Insider.