Global Chaos: Software Glitch, Not Cyberattack, Cripples Airports, Banks, and Businesses

Saturday 6 Jul 2024
CrowdStrike, a digital security company, admits that the cause was an update to its protection systems

Barran Press

A software update by cybersecurity firm CrowdStrike has been identified as the culprit behind a major global tech outage that crippled airports, banks, and telecommunications companies worldwide. The incident, described as the largest global IT disruption in history by NBC News, was not a cyberattack, according to CrowdStrike CEO George Kurtz, who confirmed the issue on X (formerly Twitter).

The company, headquartered in Austin, Texas, and widely used by businesses and government agencies, attributed the problem to a flaw in one of its updates for Windows computers.

CrowdStrike engineers have taken steps to rectify the issue, according to CNN, advising customers to reboot their computers and implement other measures if they continue to experience technical difficulties.

The issue is limited to "Falcon," one of CrowdStrike's core software products, and does not affect Mac or Linux operating systems. CrowdStrike states that "Falcon" is designed to protect files stored in the cloud.

The cybersecurity program, used by numerous major corporations, including global banks, healthcare companies, and energy firms, is designed to detect and prevent hacking threats. The program requires deep access to a computer's operating system to scan for these threats. In this case, it appears that computers running Microsoft Windows are malfunctioning due to an incorrect interaction between the CrowdStrike software update and Windows.

Who is CrowdStrike?

CrowdStrike is a cybersecurity provider that develops software to help companies detect and block intrusions. The company is known as an "endpoint security" firm because it uses cloud technology to apply cyber protection to internet-connected devices.

This approach differs from alternative methods used by other internet companies, which involve applying protection directly to back-end server systems.

"Many companies use CrowdStrike and have it installed on all their devices across their organization," Nick France, Chief Technology Officer at IT security firm Sectigo, told CNBC. "So, when an update happens that may have issues, it causes this problem where devices are restarting, and people can't get back into their computers."

The massive cybersecurity firm operates globally through software sales and investigations into major breaches. CrowdStrike also assists in cybersecurity investigations for the US government. For example, the company claims to have tracked hackers from North Korea for over a decade. It was also tasked with tracking the hacking groups responsible for the 2014 breach of Sony Pictures.

However, CrowdStrike is perhaps best known for its investigation into the Russian hacking of Democratic National Committee computers during the 2016 US election. The company has been at the heart of false conspiracy theories since 2016.

CrowdStrike was the first to publicly raise the alarm about Russian interference in the 2016 election, and the company's assessment was later confirmed by US intelligence agencies.

The Fallout:

The glitch, acknowledged by CrowdStrike CEO George Kurtz on X (formerly Twitter), appears to have touched nearly every major business sector. Airports and airlines across the globe experienced severe delays or cancellations as computer systems vital for operations were crippled. Major US airlines, including American, Delta, and United, issued ground stops due to communication issues.

Long queues snaked through airports from Berlin to Hong Kong as electronic systems failed, forcing staff to manually check passengers. In a throwback to the pre-digital age, an Indian publication shared a photo of a handwritten boarding pass.

Banks were also affected, leaving some customers unable to access their funds. People in Australia, New Zealand, and other regions reported issues logging into major retail bank accounts. The London Stock Exchange, Europe's largest, reported disruptions to some services, though trading was not halted.

The retail sector saw McDonald's close some of its stores in Japan, citing a "cash register malfunction" in an online statement. British grocery chain Waitrose resorted to handwritten notes informing customers they were accepting cash only.

Global shipping hub Baltic Hub in Poland reported network disruption issues. Law enforcement agencies, including the Alaska State Troopers, reported problems, warning that the 911 emergency line was temporarily down. UK news channel Sky News, owned by Comcast, parent company of NBCUniversal, experienced a brief outage.

Initial reports suggest computers that were not powered on during the update may have avoided the problem.

The Root Cause:

Cybersecurity software like CrowdStrike undergoes frequent, automatic updates to stay ahead of evolving threats. However, there's always a small risk of any update conflicting with other software.

The CrowdStrike update, intended to be routine, contained a coding error that clashed with Windows, proving disastrous. Kurtz explained on Friday's "TODAY" show that while some users saw their computers automatically recover, others would require manual intervention.

"We sent out a system update, and that update had a coding error in it, and that caused a problem with the Microsoft operating system," Kurtz said. "Our systems are always looking for the latest attacks from these adversaries out there."

Back to Normal?

CrowdStrike identified the issue and released a fix early Friday after the problem began. The fix requires affected computers to download another software update, which some have been able to do automatically.

Several affected companies and services, including New Hampshire's Department of Safety, which reported a brief 911 system outage, were back online by Friday morning.

Others have been unable to download the update, potentially requiring IT staff at some companies to manually reboot and adjust each affected computer.

"A lot of the customers are rebooting, and it's coming up, and it's going to be ready to go because we fixed it on our end," Kurtz said. "Some of the systems that are not recovering, we're working on it, so it might take a while for some of the systems that are not going to recover automatically."

 
