A technological meltdown left employees of airlines, banks, hospitals and emergency services around the world staring at the dreaded “blue screen of death” on Friday as their computers went inert in what is being described as a historic outage.
“This is basically what we were all worried about with Y2K, except it’s actually happened this time,” internet security analyst Troy Huntsaid via X.
From continent to continent, Microsoft users reported being suddenly knocked offline, and the culprit was determined to be cybersecurity company CrowdStrike, which says one of its routine software updates malfunctioned.
“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” the company said in a statement.
Customers using Mac and Linux operating systems were not affected, CrowdStrike said.
When the faulty update crashed computer systems, scores of airport travelers were stranded, hospital appointments were delayed and live news broadcasts were cut short.
How big is the outage?
It is massive, far-reaching and sudden.
Some computer problems cascade, creating ripples of failures. But in this case, the flaw permeated Microsoft systems worldwide nearly immediately. The company says its Windows 365 Cloud PCs, apps and services were affected.
While server-related outages are common, the scale of the CrowdStrike disruption was astonishing to many tech observers.
“This IT outage is a stark reminder of how dependent we are on technology and many other things that happen behind the scenes that most of us are unaware of,” said Louisville-based tech executive Adam Robinson on X. “Modern society and the many comforts we enjoy is a fragile thing.”
What kinds of companies and services went offline?
Delta Airlines, United Airlines and American Airlines grounded all flights.
In some states, including Alaska and Ohio, 911 phone lines were down overnight Thursday, although Alaska State Troopers said on Facebook that service was restored by 4:30 a.m. Friday.
In Germany, some hospitals canceled non-emergency operations.
The London Stock Exchange’s news service stopped working.
Broadcasters around the world were also hit. In France and Australia, live television broadcasts were knocked offline.
Sky News, a major U.K. news channel, was off air for a time on Friday morning. It later returned, but without “full capabilities,” its chairman, David Rhodes, said on X Friday afternoon. A post on Australia’s ABC News website said the broadcaster was experiencing a “major network outage.”
How do people fix their computers?
CrowdStrike says the problem was not a cyberattack, but rather a software glitch. The company said the issue has been identified and that a fix was sent to customers.
It also published a workaround that involves booting a Windows machine in a recovery environment, deleting a single file in the CrowdStrike directory, and restarting.
What is CrowdStrike?
It’s a U.S. cybersecurity firm based in Austin, Texas. The company went public in 2019 and is currently in the S&P 500 index. As of early July, CrowdStrike’s stock had been riding months of gains. But share prices fell sharply in early trading Friday.
“This is clearly a major black eye for CrowdStrike,” said WedBush analyst Dan Ives.
CrowdStrike made headlines in 2016, when the company was hired by the Democratic National Committee to investigate a breach of its data systems. CrowdStrike determined that the hack was a case of foreign interference — the work of Russian-backed hacking groups.
The company’s marquee product is its “Falcon” cybersecurity software — and it traced the current problem to a change in a sensor in that system. That also helps explain how and why the resulting failures spread so quickly: Rather than being stored locally, the Falcon security platform “is 100% cloud-based.”
