CROWDSTRIKE GLITCH AFFECTED EVERYTHING GLOBALLY

AIRPORT

Displays at LaGuardia Airport in New York show the infamous “blue screen of death.” AP Photo/Yuki Iwamura

Title: “CrowdStrike’s Content Update Snafu: A Global IT Outage and Its Ripple Effects”

BY SNN.BZ STAFF

The unexpected chaos caused by a recent incident involving CrowdStrike and its impact on global IT systems, airlines, and even ATM activity.

Introduction: The Day the Digital World Stumbled

On a seemingly ordinary day, the digital landscape was jolted by an unforeseen event—a major global IT outage that disrupted industries across the world. Airlines grounded flights, banks faced hiccups, and businesses of all sizes grappled with the fallout. What caused this widespread disruption? The answer lies in a seemingly innocuous software update from cybersecurity firm CrowdStrike.


The Incident: A Defect in the Update

The outage led to thousands of flight delays on July 19, 2024. AP Photo/Yuki Iwamura

CrowdStrike, a well-known cybersecurity company based in Austin, Texas, provides protection services to businesses and government agencies that rely on Microsoft Windows systems. However, in a twist of fate, one of its routine updates triggered a domino effect that reverberated globally. Here’s what happened:

  1. The Update: CrowdStrike released an update to its Falcon platform—a cloud-based system designed to block cyberattacks. These updates are part of the company’s ongoing efforts to enhance security.
  2. The Logic Error: Unfortunately, this particular update contained a logic flaw. In technical terms, a sensor configuration update within Falcon “triggered a logic error.” Essentially, it caused computers running Microsoft Windows to crash.
  3. The Fallout: Airlines, banks, retailers, brokerage houses, media companies, and even railway networks felt the impact. Major U.S. airlines—United, American, and Delta—grounded flights worldwide. Blue error screens popped up on public screens across the U.S. and beyond.

CrowdStrike’s Response and the Fix

  • CEO’s Confirmation: CrowdStrike’s CEO, George Kurtz, confirmed that the outage resulted from a “defect” in the content update for Windows hosts. Importantly, he ruled out any cyberattack. Mac and Linux hosts remained unaffected.
  • Rolling Out the Fix: The company swiftly worked on a solution. They rolled out a fix to address the logic flaw, but the aftermath lingered.

The Ripple Effects: Cancelled Flights and Disruptions

  • Flight Chaos: Nearly 3,000 flights were canceled within or into the United States. Airports scrambled to manage the chaos. Atlanta’s Hartsfield-Jackson International Airport, a major hub, topped the list of U.S. airports with cancellations.
  • Banking and Retail: Banks faced temporary outages, and retailers struggled with disrupted operations. Imagine the frustration of shoppers unable to complete transactions!
  • Media and Railways: Media companies grappled with technical glitches, and railway networks experienced delays.

Conclusion: Lessons Learned

The CrowdStrike incident serves as a stark reminder of the interconnectedness of our digital world. A seemingly minor update can have far-reaching consequences. As organizations rely more on cloud-based services and cybersecurity solutions, rigorous testing and quality control become paramount.

So, the next time you’re waiting at an airport gate or checking your bank balance online, spare a thought for the delicate dance of software updates and their potential impact. And remember, even the best-intentioned updates can trip up the digital giants.


The bigger picture

Interestingly, on June 11, 2024, a post on CrowdStrike’s own blog seemed to predict this very situation – the global computing ecosystem compromised by one vendor’s faulty technology – though they probably didn’t expect that their product would be the cause.

Software supply chains have long been a serious cybersecurity concern and potential single point of failure. Companies like CrowdStrike, Microsoft, Apple and others have direct, trusted access into organizations’ and individuals’ computers. As a result, people have to trust that the companies are not only secure themselves, but that the products and updates they push out are well-tested and robust before they’re applied to customers’ systems. The SolarWinds incident of 2019, which involved hacking the software supply chain, may well be considered a preview of today’s CrowdStrike incident.

CrowdStrike CEO George Kurtz said “this is not a security incident or cyberattack” and that “the issue has been identified, isolated and a fix has been deployed.” While perhaps true from CrowdStrike’s perspective – they were not hacked – it doesn’t mean the effects of this incident won’t create security problems for customers. It’s quite possible that in the short term, organizations may disable some of their internet security devices to try and get ahead of the problem, but in doing so they may have opened themselves up to criminals penetrating their networks.

It’s also likely that people will be targeted by various scams preying on user panic or ignorance regarding the issue. Overwhelmed users might either take offers of faux assistance that lead to identity theft, or throw away money on bogus solutions to this problem.


Transportation Secretary Pete Buttigieg explains the effects of the outage on airlines and other transportation systems.