The “largest IT outage in history,” briefly explained
Airlines, banks, and retailers across the globe were among the many businesses that ground to a halt on Friday due to a flawed software update that led to massive delays and service disruptions.
According to CrowdStrike, the Texas-based cybersecurity firm behind the glitch, the issue was caused by a faulty update in its software for Microsoft Windows users, a problem it’s actively working to address. Mac and Linux users were not affected.
“This is not a security incident or cyberattack,” CrowdStrike CEO George Kurtz emphasized in a post on X, formerly known as Twitter. Kurtz added that the fix for the problem had already been “deployed,” but noted in a CNBC interview that it could take “some time” before it goes into effect for everyone experiencing the outage.
While people await a fix, thousands across the world are grappling with long waits at airports and trains, issues logging into their bank accounts, and challenges reaching key services, including first responders.
The tech error spotlights how central these systems have become to key day-to-day activities, including travel and financial transactions, and how vulnerable they can be to simple human mistakes.
What happened?
Early Friday morning, businesses from Europe to Asia to the US began experiencing problems with their Microsoft computer systems, with many suddenly seeing the dreaded “blue screen of death”: an error page that signals that a Windows machine is inoperable.
Since then, a wide range of services have been affected in what was described by Troy Hunt, a cybersecurity expert, as the “largest IT outage in history.”
More than 2,000 flights have been canceled at numerous airports. American Airlines, Delta, and United were just a few of the major operators forced to ground their flights globally for part of Friday.
A staggering graphic from Colin McCarthy, an atmospheric science student at UC Davis, captures how flight traffic slowed considerably in the wake of the tech snafu. Passengers at numerous airports documented the chaos while computers were down, and little information was available about updates or alternatives.
Beyond the travel hiccups it caused, the software problem has led to hospitals canceling elective surgeries, 911 operators experiencing glitches, and banks unable to provide customer information online.
How did this happen?
The problem was caused by “a defect found in a single content update of its software on Microsoft Windows operating systems,” Kurtz wrote on X. As The Verge notes, it appears the company was trying to update a driver in its Falcon offering, which is a cloud-based product that scans for potential hackers.
Falcon requires deep access to a computer’s system in order to operate effectively, meaning any glitches it experiences can have serious consequences, like the one that took place this week.
What is CrowdStrike?
CrowdStrike is an Austin, Texas-based cybersecurity firm that produces software to identify and stymie hacking threats. Its products are used by roughly 29,000 companies worldwide, including hospitals, banks, and numerous Fortune 500 companies.
It has previously helped look into breaches at Sony as well as the Democratic National Committee.
How did CrowdStrike become so important?
Founded in 2011, CrowdStrike quickly became an industry leader in cybersecurity and has only grown in popularity in recent years as demand for such services has increased.
It has made an aggressive marketing push that included Super Bowl ads and has worked to tailor its products to the needs of large organizations with complex security needs. At least one 2023 analysis, from Canalys, found the company controls roughly 20 percent of the cybersecurity market.
Reviews for the company’s products were broadly positive in the past, describing them as user-friendly and accurate in finding threats. According to the Motley Fool, its stock surged 400 percent in the last five years.
When will the outage be fixed?
Kurtz, CrowdStrike’s CEO, has stressed that the team has identified the issue and is working to solve it, though it could take more time for some systems to recover.
The company has already worked to pull back the update, he noted, meaning certain organizations might be able to address the problem by simply rebooting their systems. For others that have been unable to fix the issue in this way, “it could be hours, it could be a bit longer,” Kurtz told CNBC. Some cybersecurity experts have said “a bit longer” could mean days.
Some systems could need a manual update, for instance, though Kurtz noted that the company is working to automate those solutions as much as possible.