Mass IT outages have been reported worldwide this morning, impacting hospitals, broadcast television stations and airlines. The issue, which causes devices running on Microsoft Windows to crash, is suspected to have originated with a faulty software update rolled out by cybersecurity firm Crowdstrike. The outages have caused widespread disruption, grounding flights in Australia, the US, and Europe, as well as temporarily preventing UK television station Sky News from broadcasting live.
The fault appears to have originated with a defective channel file in an update to Crowdstrike’s Falcon platform. Crowdstrike’s director of threat hunting Brody Nisbet said on X that users could regain access to their devices by booting Windows in safe mode, navigating to ‘C:\Windows\System32\drivers\Crowdstrike’, deleting the file ‘C-00000291*.sys’ and then booting their devices normally. Even so, warned Nisbet, the workaround “won’t help everyone.”
Crowdstrike Falcon update promised new standards for MDR
Founded in 2012 by McAfee alumnus George Kurtz, Crowdstrike is a US cybersecurity firm with hundreds of corporate customers around the world. The firm pitched itself as a nimble, one-stop shop for companies to prevent themselves from falling victim to breaches of all kinds. On 15 July, Crowdstrike announced the release of its Falcon Complete Next-Gen MDR platform. The new product, said the firm, would set a new standard for managed detection and response while allowing users to accelerate “SOC transformation initiatives led by service partners.”
Users throughout this morning have instead complained that they cannot use their devices, with many displaying the so-called ‘blue screen of death’ indicating a critical error with their Windows operating system. As a result, multiple public and private sector online services have been disrupted in the UK. The supermarket Morrisons told customers that it was having “some issues” with processing payments in its stores, while multiple train companies reported that IT outages were forcing them to cancel services at short notice. Medical organisations have also been affected, with GP surgeries unable to book appointments and the National Pharmacy Association advising the public to “be patient” while community pharmacies regain control of their computers.
IT outages reported worldwide
The impact of the outages is also being felt throughout North America and the Asia-Pacific region. In India, Delhi airport was forced to update travellers on flight times using a whiteboard, while Australia’s Commonwealth Bank reported that some customers would be unable to transfer funds in the short term. Airlines in the US, Spain and Turkey have also reported disruption to their systems.
The Chartered Institute for IT’s Dan Card advised users impacted by the Crowdstrike bug to remain calm and kind to those individuals working hard to bring affected systems back online. “Companies should make sure [that] their IT teams are well-supported, as it will be a difficult and highly stressful weekend for them as they help customers of all kinds,” he said. “People often forget the people that are running around fixing things.”