Global IT Outage a Wake-Up Call on Cybersecurity, Experts Say
Airlines, media outlets, retailers, hospitals, banks, and essentially any organization that relied on CrowdStrike’s service to protect their Microsoft systems from viruses and malware are still recovering from the unprecedented global IT outage on Friday, which affected 8.5 million Windows devices.
A software update by global cybersecurity firm CrowdStrike, one of the largest operators in the industry, triggered system problems that grounded flights, forced broadcasters off air, and left customers without access to services such as healthcare or banking.
“While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services,” Microsoft said in its blog post.
Although CrowdStrike, a cybersecurity firm based in Austin, Texas, said on Sunday that the affected 8.5 million devices were back online and operational, experts and analysts regard the incident as a wake-up call for a more resilient and less monopolized global digital infrastructure. They warn that the world will be ever more vulnerable to such disruptions, which could become a “new normal.”
Unprecedented Outage
On Friday, customers of CrowdStrike across the world started to see the “blue screen of death” on their Windows systems after installing a faulty Falcon sensor update on Thursday night.
Essentially, Falcon monitors what is happening on the computers on which it is installed and looks for signs of nefarious activity, such as malware. This means that Falcon is deeply integrated into Microsoft’s system to the extent that when it falters, the system does too.
“We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices, or less than one percent of all Windows machines,” said Microsoft in its blog post on Saturday.
Following what Microsoft calls “significant incidents,” the company said it has “maintained ongoing communication with customers and is working with CrowdStrike and external developers to collect information and expedite solutions.”
Challenges Ahead
Just hours after the outage, scams, phishing emails, and other criminal activities started to target CrowdStrike customers concerning the incident, under the guise of customer service and technical support.
“The scale of this outage is unprecedented, and will no doubt go down in history,” said Dr. Junade Ali, a cybersecurity expert and fellow at the London-based Institution of Engineering and Technology. “Unlike some previous outages that targeted internet infrastructure, this situation directly impacts end-user computers and could require manual intervention to resolve, posing a significant challenge for IT teams globally.”
Experts estimate a full recovery from a disruption at such a scale will take weeks. “It seems that millions of computers are going to have to be fixed by hand,” said Mikko Hypponen, chief research officer at WithSecure, a cybersecurity company.
Recovery is particularly challenging for small and medium-sized enterprises, which have fewer resources and IT staff to do the manual fixing, said Joe Tidy, a cyber correspondent.
A Wake-Up Call
The incident underscores the vulnerability of global digital infrastructure and the risks of relying heavily on a single provider for cybersecurity solutions. Experts warn that such disruptions could become more common and call for diversification and resilience in cybersecurity strategies.
