CROWDSTRIKE’S global IT meltdown could have come straight out of a Black Mirror episode as even hackers couldn’t dream to make such a damage, an expert has said.
Senad Aruc has more than 25 years of experience in cybersecurity and revealed that Friday’s “tech doomsday” will cause billions of financial impact across the globe.
A Crowdstrike update is believed to be behind the outage
APHundreds of passengers wait in front of counters at BER Airport in Schoenefeld, Germany, after check-in was delayed due to a ‘technical fault’[/caption]
Senad ArucSenad Aruc is founder and CEO of Imperum Security Operation Center (SOC) platform[/caption]
Airports have been hit with ‘Blue Screens of Death’ leaving passengers scrambling amid delays and cancellations
The major global tech outage has sparked mayhem with flights grounded and TV channels and banks knocked offline.
The severe issues at Microsoft have crashed computer systems across the world leaving major businesses, newsrooms and television networks all plunged into chaos on Friday.
Cybersecurity software firm CrowdStrike say they have identified the issue behind the global outage as a flawed anti-viral update.
The firm are reportedly used by Microsoft to handle various updates to their systems.
Senad, founder and CEO of Imperum Security Operation Center (SOC) platform, told The Sun that CrowdStrike deployed an automatic update to its cloud-based Endpoint Detection Response (EDR) platform.
But this update caused widespread issues, including the “blue screen of death” on systems using Microsoft’s operating system.
The incident had far-reaching impacts, notably in airports where it led to widespread chaos.
Airlines were unable to check in passengers, and even basic airport terminal services were disrupted.
The disruption also extended to banks, healthcare services and other critical sectors, leading to a domino effect of failures.
What is CrowdStrike?
THE global cyber outage affecting TV channels, banks, hospitals, airports and emergency services appears to relate to an issue at cybersecurity firm CrowdStrike.
IT security firm CrowdStrike ran a recorded phone message on Friday – saying it was aware of reports of crashes on Microsoft’s Windows operating system relating to its Falcon sensor.
A prerecorded message said: “Thanks for contacting CrowdStrike support. CrowdStrike is aware of reports of crashes on Windows… related to the Falcon sensor.”
The Falcon system monitors the computers it is installed on and detects hacks and bugs before responding to them.
CrowdStrike, headquartered in Austin, Texas, says it is a global security leader which provides an advanced platform to protect data.
A CrowdStrike update on Friday is said to have caused a critical error in Microsoft operating systems, affecting millions worldwide.
The company regularly updates systems with new anti-virus software
Toby Murray, associate professor in the School of Computing and Information Systems at The University of Melbourne, Australia said: “If Falcon is suffering a malfunction then it could be causing a widespread outage for two reasons .
“One: Falcon is widely deployed on many computers, and two: because of Falcon’s privileged nature.
“Falcon is a bit like anti-virus software: it is regularly updated with information about the latest online threats.
“It is possible that today’s outage may have been caused by a buggy update to Falcon.”.
Cyber expert Troy Hunt told Australian TV network Seven: “It looks like they’ve pushed a bad update, which is presently nuking every machine that takes it.”
Senad described today as “doomsday” and likened the situation to a Black Mirror episode.
He explained that just as in the hit Netflix show, the day started normally but turned into a nightmare due to the heavy reliance on interconnected systems.
The unexpected and severe disruptions caused by the software update echoed themes from the show, where technology failures lead to catastrophic consequences.
He elaborated that this incident is a modern version of doomsday because it disrupts everyday activities and infrastructure, unlike the traditional idea of doomsday which was associated with wars.
Senad told The Sun: “It’s doomsday because you expect that you’re going to board the plane, you expect that you’re going to buy a coffee, you expect that you’re going to come, you expect that you’re going to have a flawless travel and communication in this connected world.
“And then suddenly nothing is happening. So, I mean, before connected world before IT, doomsday was only wars, right?
“But right now, doomsday can happen only with more basic things like this, unfortunately.”
He continued: “It’s a hundred percent the same as a Black Mirror episode.
“Another kind of doomsday is the wars that we’re facing in the world, right? So when you wake up in the morning and you don’t have anything.
“The doomsdays that we used to know for the wars is now happening for the IT. So that’s how it is.”
When asked if this is the biggest IT meltdown in recent history, Senad told The Sun: “Yes and the impact is huge since real hackers will hit the viability in 90% of the attacks.
“Even the best hackers groups cant do such an outage or damage.”
EPAStores have been forced to temporarily close due to the tech issues[/caption]
EPABanks and shops have been hit with the IT meltdown[/caption]
GettyFlights across the world have been plagued by the outages with many airlines announcing severe delays[/caption]
@akothari / XPaper boarding tickets have been used in India due to the outages[/caption]
The root cause of the problem stemmed from the use of a cloud-based solution in mission-critical systems, which Senad suggests is a fundamental mistake.
While CrowdStrike released a workaround, it required human intervention, making the recovery process slow and cumbersome.
Senad also criticised the reliance on cloud-based solutions for critical infrastructure, advocating for more resilient alternatives like air-gapped systems.
He emphasised the need for robust disaster recovery plans to mitigate such incidents.
Senad made sure to stress that Microsoft is not the one to blame for the global meltdown as the issue was with CrowdStrike’s patch, not Microsoft’s operating system.
He said: “I don’t want to blame CrowdStrike or Microsoft. It’s not fair because it can happen to anyone.”
“People who are profiting from a business where it’s tied to mission-critical infrastructure, they must have a disaster recovery plan in a case like this.”
The incident will likely cost CrowdStrike both financially and reputationally, although they remain a leading cybersecurity firm, the cybersecurity expert added.
The exact financial impact is uncertain but expected to be in the billions, given the widespread nature of the disruptions.
Global services affected by IT outage
rains
Govia Thameslink Railway (GTR) – urged passengers to expect disruption due to “widespread IT issues”
Gatwick Express – warned travellers they are “currently experiencing widespread IT issues”
South Western Railway – all ticket vending machines are currently non operational – buy tickets online
National Rail – some train operators are unable to access driver diagrams at certain locations, leading to potential short-notice train cancellations
TransPennine Express – some TPE stations and systems are having IT issues – buy tickets online
New York City’s MTA system affected
Washington D.C Metro trains – delayed
Airports and airlines
Manchester Airport – delays for those checking-in for Swissport flights
London Gatwick – passengers may experience some delays while checking in and passing through security but should still arrive for their normal check-in time
Ryanair – advise passengers to arrive at the airport three hours in advance of their flight to avoid any disruptions
Edinburgh Airport – wait times longer than usual
Stansted Airport – some airline check-in services reverted to being done manually, but main operational systems are unaffected and flights are still operating as normal
Luton Airport – running manual systems
Heathrow Airport – affected but flights operational – check with airline on latest journey information
American Airlines – all flights cancelled
United and Delta – no flights taking off
Allegiant Air and Spirit Airlines – flights grounded
Frontier and SunCountry – affected by outage
San Francisco Airport – passengers reporting suspended flights
Mumbai Airport – check-in desks shut down for IndiGo, Akasa and Spice Jet flights
Australian airline Qantas – flights grounded
Schipol Airport in Amsterdam – flights to and from the Netherlands affected
Spanish airport association AENA – reported issues at 42 airports
Rome’s Fiumicino Airport affected
Ibiza Airport – empty due to IT outage
Hamburg Airport in Germany affected
BER Berlin Airport – Long queues
The Hague Airport in Rotterdam – travellers experiencing longer wait times
Narita International Airport in Narita, east of Tokyo – check-in delays
Palma Mallorca Airport affected
Suvarnabhumi Airport in Bangkok – longer queues reported
Hong Kong Express Airways passengers delayed at Hong Kong International Airport
Television Networks
Sky News – Friday morning breakfast show unable to air but now back on screens with reporter reading from printed notes
Paramount Global channels including MTV, VH1, CMT and Pop TV – bumped offline.
Britain’s GPs
The Wilmslow Health Centre in Cheshire – without access to their IT systems
Solihull Healthcare Partnership in the West Midlands – affected ability to book/consult with patients this morning
Central Lakes Medical Group in Ambleside – stated there has been a “big effect” and delays on the phone expected
Pocklington Group Practice in the East Riding of Yorkshire – appointments needing to be cancelled and rearranged
Hulme Hall Medical Group, in Stockport – unable to offer any appointments
Windrush Medical Practice in Witney, Oxfordshire – continuing as normal for urgent enquiries but ask for routine concerns to wait until Monday
Grimethorpe Surgery in Barnsley – no access to the clinical system, EMIS Web
The National Pharmacy Association (NPA) confirmed the IT outage is disrupting community pharmacies
A surgery in Putney, southwest London – Displaying an error message online to patients who attempt to book
Global hospitals
Two German hospitals have been forced to cancel emergency operations
The hospitals, in the northern German cities of Luebeck and Kiel, cancelled all elective operations scheduled for today
Supermarkets and restaurants
Morrisons are affected
Some Waitrose and Co-op are now cash only
Gails and Waterstones experiencing some issues
Wetherspoons pubs – only accepting cash
Woolworths and Coles supermarkets in Australia – self service machines not working
Events
Manchester United ticket release postponed – morning’s ticket release will be postponed until midday and website will remain unavailable
Banks and supermarkets in Australia including Beyond Bank Australia have also been experiencing issues this morning.
Various Microsoft services in Japan and New Zealand are also battling tech issues.
Senad said the incident highlights the collective mindset in IT to rapidly adopt trends like cloud computing without fully considering the risks.
He explained: “Every single airline in the world is the problem.
“If we convert this to money, I think that billions is going to take right now.
“The reason for these billions flying is not the cost itself. It’s a collective mindset problem.”
Senad suggests that while cloud solutions are integral to modern IT, critical systems should maintain on-premises or air-gapped solutions to prevent such failures.
What we know so far…
Cybersecurity software firm CrowdStrike sent out a flawed anti-viral update which affected Microsoft Windows systems around the world
Airports, businesses, banks, newsrooms, television networks, supermarkets, ships and more have been plunged into chaos
Planes were even made to remain in the air on Friday morning
Britain woke up to chaos with NHS appointments cancelled, mayhem at supermarkets and huge airport queues
Friday’s Sky News breakfast show was wiped off computer and TV screens completely
Microsoft uses CrowdStrike to handle its system updates – with the tech company looking to fix the outage “urgently”
CrowdStrike said the problem is related to their “Falcon Sensor” and they have reverted back to an older system to avoid further disruption
The company confirmed it was not a hack or cyber attack
Moving forward, it’s crucial for companies to balance innovation with reliability, ensuring that disaster recovery plans are robust and that critical infrastructure is not overly dependent on potentially vulnerable cloud solutions.
The CrowdStrike incident serves as a wake-up call for the industry to reassess the balance between innovation and operational reliability, especially in mission-critical environments, he said.
Cybersecurity software firm CrowdStrike say they have identified the issue behind the global outage as a flawed anti-viral update.
The firm are reportedly used by Microsoft to handle various updates to their systems.
Microsoft has since announced it is taking “mitigation actions” against the issues.
CrowdStrike is said to be used by Microsoft to handle various updates to their systems
Many Microsoft users are facing a blue screen on their computers detailing the issue
GettySky News live broadcast was down early Friday morning – leaving viewers seeing just a statement on screen[/caption]
GP surgeries confirmed they are unable to access patient records or book appointments
They said via X: “Our services are still seeing continuous improvements while we continue to take mitigation actions.
“We remain committed in treating this event with the highest priority and urgency while we continue to address the lingering impact for the remaining Microsoft 365 apps that are in a degraded state.”
A Microsoft spokesperson told Bloomberg that a “resolution is forthcoming”.
CrowdStrike said in a post on their website: “CrowdStrike is aware of reports of crashes on Windows related to the Falcon Sensor.”
They confirmed it isn’t a hack or a cyber attack that caused the issues.
President & CEO George Kurtz said on X: “CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts.
“The issue has been identified, isolated and a fix has been deployed.”
It comes as American Airlines, Delta, and United flights were forced to stay in the air as the global outage sparked travel chaos for flyers.
And NHS GP surgeries confirmed they are now unable to access patient records or book appointments.
Sky News and Sky Sports have also been rocked by the outages with them going off air completely – leaving viewers baffled by the severe disruption.
Friday’s Sky News breakfast show was wiped off computer and TV screens for hours with a statement apologising for the “interruption” being shown instead.
‘Trail of destruction’
By Jamie Harris Assistant Technology and Science Editor at The Sun
This is probably one of the biggest outages that I have witnessed in my career as a technology journalist.
It’s been so far reaching, affecting multiple countries and multiple sectors, from aviation, healthcare, travel, rail travel, media.
So this is a really huge outage and it’s been going on now for several hours.
We’ve seen Sky News go off air and other broadcasters struggling, banking systems, GP, systems, airlines – you name it.
People across the world have been saying that they’ve been getting the dreaded “blue screen of death” which we’ve all seen before and is not ideal for people logging into work on a Friday morning.
Glitches happen all the time and are usually brief but with this one it has gone on for hours. Nobody really seems to know when it’s going to end and so there’s just a trail of destruction in its path.
The situation just shows how dependent we are on technology these days.
Experts are still trying to ascertain exactly what caused this – and crucially how to fix it – but many have pointed the blame at US cybersecurity firm CrowdStrike.
Part of the problem is so many large companies are dependent on so few companies to manage IT resources.
So if one goes down, then essentially, it’s a domino effect, and everyone else suffers.