Cybersecurity News that Matters

CrowdStrike software glitch sparks global outage: Key developments from the past week

Illustration by Daeun Lee, The Readable

by Minkyung Shin

Jul. 25, 2024
11:50 PM GMT+9

CrowdStrike has undergone a massive cyber system outage that has lasted for six days. The incident has had a global impact, bringing many industries, governments, and businesses around the world to a standstill. Airports, hospitals, banks, and other essential services have been affected, disrupting daily life for millions of people worldwide.

CrowdStrike is a leading American cybersecurity technology company, established in 2011, that specializes in endpoint security, threat intelligence, and incident response. The company provides comprehensive protection against cyber threats, including ransomware attacks, by leveraging artificial intelligence. With a global presence, CrowdStrike serves approximately 30,000 subscribers, safeguarding them from potential cyber threats.

The cause of the outage

The outage occurred at 4:09 AM UTC on July 19, when an invalid software patch was deployed for CrowdStrike’s ‘Falcon Sensor.’ This software runs on Microsoft Windows and monitors and detects cyber threats in real time.

In their report issued on Thursday, CrowdStrike confirmed that the outage was triggered by software crashes on Windows systems that were online between 4:09 and 5:27 AM on July 19. Interestingly, systems that were not online during this specific timeframe, as well as Mac and Linux systems, remained unaffected. The company is now working diligently to rectify the issue and prevent such incidents in the future.

Impact

During the incident, all Windows users were confronted with the dreaded ‘blue screen of death,’ a critical error that not only turns the screen blue but also causes the system to freeze. This type of error, also known as a “bug check,” signals a system crash, indicating that Windows has reached a state where it can no longer operate safely. Consequently, this widespread system failure rendered users unable to use Microsoft products, causing significant disruption and inconvenience.

Airlines

The Associated Press (AP) reported that approximately 1,500 flights in the United States were canceled and 4,000 were delayed on the East Coast from dawn to dusk on July 19. At New York’s three major airports, over 300 flights were delayed, and more than 100 were canceled.

According to aviation data provider Cirium, Delta Air Lines has canceled more than 5,500 flights since the outage began. On Monday, Delta and its regional subsidiaries were responsible for about two-thirds of all canceled flights worldwide. Notably, Delta also accounted for the majority of all canceled flights in the U.S.

Furthermore, in South Korea, the error occurred at 3:30 PM on July 19, causing a total of 75 flight delays; three airlines subsequently restored their online ticketing and reservation systems.

Public sector

On the afternoon of July 19, the Tennessee Department of Finance and Administration announced that the state relies on CrowdStrike for cybersecurity monitoring and was adversely affected by the software update.

Additionally, Reuters reported that internal systems at police departments in the Australian state of Victoria were affected, although emergency services continued to operate normally.

Response and mitigation efforts

In response, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it is continuing to monitor the situation and assess the impact of the outage. CISA stated that it is working with CrowdStrike, as well as federal, state, and international partners, to evaluate the incident’s impact and support recovery efforts.

CISA warned, “We have observed threat actors exploiting this incident for phishing and other malicious activities.” The agency added, “CISA urges organizations and individuals to remain vigilant and follow instructions only from legitimate sources.”

George Kurtz, President and CEO of CrowdStrike, said on social media platform X (formerly Twitter), “We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption.” He added, “We are working with all impacted customers to ensure their systems are restored and they can continue delivering the services their customers rely on.”


  • Minkyung Shin

    Minkyung Shin serves as a reporting intern for The Readable, where she has channeled her passion for cybersecurity news. Her journey began at Dankook University in Korea, where she pursued studies in...
