A widespread IT outage caused by a faulty update from cybersecurity firm CrowdStrike sent shockwaves across multiple industries worldwide on Friday morning. The disruption affected airlines, banks, hospitals, and various other institutions, causing significant operational halts and delays. Despite initial concerns, CrowdStrike confirmed that the outage was not a result of a cyberattack.
CrowdStrike's CEO, George Kurtz, addressed the situation on social media, stating, "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated, and a fix has been deployed."
The outage severely impacted air travel, with American Airlines, United, and Delta requesting a global ground stop from the Federal Aviation Administration (FAA). As of 6:25 a.m. ET, at least 540 flights in the U.S. had been canceled. "Earlier this morning, a technical issue with a vendor impacted multiple carriers, including American. As of 5 a.m. ET, we have been able to safely re-establish our operation. We apologize to our customers for the inconvenience," read a statement from American Airlines.
Passengers were left stranded and confused as flights were delayed or canceled. "No one here knows anything, the gate agents said we all know as much as they do," a passenger told ABC News. He mentioned that his flight from SeaTac Airport in Washington was delayed for two hours on the tarmac before passengers were deplaned. "I feel awful for the employees and those that have a sick loved one they need to get to or funerals, thankfully that's not us."
The ripple effects of the outage were felt globally. Berlin Airport in Germany and Gatwick Airport in the United Kingdom reported delays. Ryanair, one of Europe's largest airlines, experienced significant disruptions due to the third-party IT issue.
Financial services and healthcare sectors were also hit hard. Mass General Brigham in Boston canceled all elective surgeries, and Cincinnati Children's Hospital Medical Center reported disruptions. The London Stock Exchange experienced issues, and Australian banks and broadcasters faced significant challenges as thousands of machines went offline.
"This is one of the largest IT outages in history," said a senior IT analyst. "The impact has been profound, affecting everything from air travel to financial transactions and healthcare services."
The root cause of the issue appears to be an update to a kernel-level driver that CrowdStrike uses to secure Windows machines. This update led to widespread reports of Blue Screen of Death (BSOD) errors, forcing affected PCs and servers into a recovery boot loop. While CrowdStrike quickly identified the issue and reverted the faulty update, machines that had already been impacted required manual intervention to fix.
In response to the outage, IT administrators around the world worked frantically to bring systems back online. Hundreds of admins reported issues on Reddit, with many sharing workaround steps involving booting affected machines into safe mode and deleting a specific system file from the CrowdStrike directory. However, this process was particularly challenging for cloud-based servers and remotely deployed laptops.
"Our entire company is offline," one IT admin reported. Another noted that 70 percent of their laptops were stuck in a boot loop. "Happy Friday," remarked another admin sarcastically, highlighting the frustration felt by IT teams globally.
In a separate incident, Microsoft also experienced outages with its Microsoft 365 apps and services. The company attributed these issues to "a configuration change in a portion of our Azure backend workloads." While Microsoft reported that services were being restored, many users continued to experience problems.
The outage has raised significant concerns about the dependency of global industries on single points of failure within cybersecurity and IT infrastructure. "This incident underscores the critical importance of robust IT management and contingency planning," said a cybersecurity expert. "Organizations must ensure they have fail-safes and redundancies in place to mitigate such widespread disruptions."
As industries work to recover from the outage, the focus will likely shift to preventing similar incidents in the future. Companies are expected to re-evaluate their IT strategies and ensure they are prepared for any potential disruptions that could impact their operations.
CrowdStrike has pledged to work closely with affected customers to ensure their systems are secure and operational. "We are fully mobilized to ensure the security and stability of CrowdStrike customers," Kurtz assured.
As the situation unfolds, businesses and individuals alike are urged to stay informed through official channels and follow the guidance provided by IT and cybersecurity professionals to mitigate the impact of such outages.
