A corrupted update caused computers running Windows to crash, leading to a global IT outage that disrupted flights, halted business transactions, and forced hospitals to cancel operations. Microsoft estimated that approximately 8.5 million computers worldwide were affected, marking the first time the company quantified the scale of the outage and suggesting it could be the worst cyber event in history.
According to an official Microsoft blog post, while the bug affected less than one percent of all Windows computers, the broad economic and societal impacts were significant due to the reliance on Crowdstrike by enterprises running many critical services. The corrupted update, issued by security company Crowdstrike, wreaked havoc from Thursday into Friday.
Crowdstrike’s CEO, George Kurtz, apologized for the chaos and announced that a fix had been issued. He cautioned, however, that it could take some time before all systems returned to normal. “I wasn’t that surprised that an accident caused severe global digital disruption. I guess I was a little surprised that the cause was a software update from a well-respected cybersecurity company,” said Ciaran Martin, former Head of the UK’s National Cyber Security Centre.
Martin highlighted the inherent fragility of the internet’s foundational parts, which can have serious global consequences if they fail. Sally Walker, the former head of cyber at the UK’s intelligence and security organization GCHQ, emphasized the extent of society’s dependency on computer systems and the devastating impact of such disruptions. “It does emphasize that we live in a world of dependency and vulnerability, and that disruption can and will happen. IT is at the core of our day-to-day operations, our businesses, our economies, everything about our lives,” Walker said.
Walker also warned of malicious actors exploiting the confusion surrounding the outage, a sentiment echoed by the National Cyber Security Centre, which advised vigilance against phishing attempts. Germany’s IT security agency also alerted the public to cybercriminals taking advantage of the situation through phishing, fake websites, and other scams, noting that ‘unofficial’ software code was in circulation.
Despite the massive disruption, Walker stated that risk registers have not changed in response to the incident. “Our risk registers, our understanding of what can go wrong or what might go wrong, doesn’t change because of an incident like this. The reality is that risk exists every day,” she said.
Euronews