Microsoft outage: CrowdStrike security update impacts airports, hospitals, banks around the world
A massive technology outage has hit computer systems globally — affecting airlines, hospitals, health care providers, 911 call centers, banks and other businesses.
CrowdStrike, a cybersecurity company founded in 2011, owns more than 10 different security and IT tools and, according to the company’s website, is involved with almost 300 of the Fortune 500 companies, six out of the top 10 health care providers, eight of the top 10 financial services firms and eight of the top 10 technology firms.
President Biden was briefed on the outage and his team has been in touch with CrowdStrike, according to a White House press release Friday morning. Biden is expected to receive “sector-by-sector updates,” and the Department of Homeland Security is working to “fully assess and address system outages.”
What exactly is the problem?
Devices using Windows Client and Windows Server that automatically installed a CrowdStrike security update Friday morning are “stuck in a restarting state.” This “restarting state” is more colloquially referred to as the “blue screen of death” (BSOD), which locks users out of their computers.
Something super weird happening right now: just been called by several totally different media outlets in the last few minutes, all with Windows machines suddenly BSoD’ing (Blue Screen of Death). Anyone else seen this? Seems to be entering recovery mode: pic.twitter.com/DxdLyA9BLA
— Troy Hunt (@troyhunt) July 19, 2024
What caused this?
Two issues with Microsoft systems happened back-to-back. On Thursday, some Microsoft clients in the central United States reported having issues with its cloud service, Azure, which resulted in several airlines briefly grounding all flights.
On Friday, a flawed security update by CrowdStrike affected even more Windows users. It is not clear whether Microsoft’s initial issue with Azure was related to the crashes caused by the CrowdStrike update.
George Kurtz, CrowdStrike’s chief executive, issued a statement Friday morning clarifying that it “is not a security incident or cyberattack” and that “the issue has been identified, isolated, and a fix has been deployed.”
"We’re deeply sorry for the impact that we’ve caused to customers, to travelers, to anyone affected by this, including our company," Kurtz said in an interview on NBC’s “Today.”
Why is the CrowdStrike outage taking so long to fix?
Microsoft, in a post on X early morning Friday, said that while the “underlying cause has been fixed,” the “residual impact is continuing to affect some Microsoft 365 apps and services.”
Lukasz Olejnik, an independent cybersecurity consultant, told the New York Times that the problem is that resolving the issue requires a manual reboot for each device affected. For the large-scale companies and industries that are impacted, there isn’t a way to automate the reboot — each individual device affected has to be addressed.
“There is a workaround, but it requires manually tampering with Windows systems files in recovery mode,” Olejnik told the outlet. “Such practice is in general not advised ordinarily, as mistakes may cause other problems.”
Therefore these companies need to figure out how to deploy large numbers of professionals to go through and update each of their devices one by one.
This IT outage is a stark reminder of how dependent we are on technology and many other things that happen behind the scenes that most of us are unaware of.
Modern society and the many comforts we enjoy is a fragile thing.
Every day, we need to be grateful for what we have.— Adam Robinson, MBA (@AdamRobinsonMBA) July 19, 2024
Who is affected by the CrowdStrike outage?
Hospitals
Several major hospitals throughout the U.S. have had to cancel all “non-urgent visits” due to disruptions from the outages.
Mass General Brigham, a nonprofit that operates one of the largest hospital systems in Massachusetts, said in a post on X that it was dedicating “every available resource to resolve this issue as quickly as possible.”
James Bore, a managing director of a cybersecurity consulting firm, told the Associated Press, “There are going to be deaths because of this. It’s inevitable.”
Airports
Airports across the globe have reported issues with international and domestic flights. South Korea’s largest airport, Incheon International Airport, is dealing with delays across a lot of low-cost airlines because of issues with ticketing and other services.
In Germany, all flights at Berlin-Brandenburg Airport were temporarily suspended, although some departures started to resume around 10 a.m. CET. Dutch airline KLM also announced it was affected and that operations would be suspended until further notice. Switzerland’s largest airport in Zurich announced that planes were not allowed to land this morning.
In the United States, more than 26,000 flights were delayed and more than 2,000 flights were canceled because of the outage. By noon ET, the United Airlines ground stop was lifted.
12-hour timelapse of American Airlines, Delta, and United plane traffic after what was likely the biggest IT outage in history forced a nationwide ground stop of the three airlines. pic.twitter.com/wwcQeiEtVe
— Colin McCarthy (@US_Stormwatch) July 19, 2024
911 call centers
Several emergency 911 call centers were disrupted throughout the U.S. — including in Phoenix and across the entire state of Alaska — although some cities and states have reported improvement throughout the morning.
Courts
The New York Times reported that court systems were temporarily closed today because of the outage. The entire Maryland judiciary system announced this morning that it would only be open for "emergency matters." In Kansas, some courts have opted to use paper filings and manual processes for filings as they wait for a solution.
Schools
The outage also impacted computers on college campuses, where summer school classes are still in session. The University of Rochester, the University of Alabama, Rutgers University and the University of Kentucky are some of the few institutions that reported campus computers were subject to the CrowdStrike outage.
PowerSchool, which makes one of the most widely used information systems for K-12 grading and student enrollment across the U.S., also reported being affected by the outage.
Banks
TD Bank, the 10th largest in the U.S., confirmed that it was impacted by the outage and said it was working to restore all online banking systems. Bank of America, Visa, JPMorgan Chase, Charles Schwab and Zelle were also affected.
The London Stock Exchange’s news service stopped working, and Pakistan’s JS Bank told customers that it was facing technical issues. Bloomberg reported that Deutsche Bank said its research portal was impacted, and S&P Global Market Intelligence also said it was experiencing “service issues across numerous S&P Global Platforms, including Securities Finance products.”
However, forecasting firm Capital Economics told the AP that while the outage is still happening, it does not anticipate “a major macroeconomic or financial market impact at this stage.”
Public transportation
For the most part, public transit in major cities has been able to keep buses and trains running on time. However, the outage does seem to have impacted ticketing systems and other tech sectors, such as train times.
In an interview with CNBC, Secretary of Transportation Pete Buttigieg said there was “no indication of an impact to” most systems within the U.S. Department of Transportation.
Paris Olympics
The Paris Olympics, which kick off next week on July 26, said that its IT services had been affected — although mostly regarding uniform deliveries and accreditations. Its ticketing system and preparation of venues are “continuing normally,” the organization said in a press release.
