Americans have fallen victim to the ‘mother of all outages’ after Microsoft experienced a meltdown on Friday.
Hundreds of thousands of computers running on Windows were knocked offline or stuck on so-called ‘blue screens of death.’
Banks, airlines, television networks, trains and healthcare systems reported widespread outages starting around 2am ET.
The chaos was due to a defect in a single content update by Crowdstrike, a US-based cybersecurity firm used by Microsoft, the company shared at 5:30am ET.
Crowdstrike assured the public that the outage was not caused by a cybersecurity attack and that it could take up to 36 hours to fix, analysts told DailyMail.com.
Crowdstrike assured the public that the outage was not caused by a cybersecurity attack and said it is ‘actively working with customers’ who were impacted.
What happened?
The global computer outage first started with Microsoft, leading people to believe that the company’s systems were to blame, but Crowdstrike was found to be at fault a few hours later.
Crowdstrike, an Austin-based cybersecurity specialist, provides software to 29,000 businesses and industries to protect their online systems against cyberattacks and security breaches.
The Microsoft outage was triggered by a bug in a Crowdstrike software update deployed to its ‘Falcon Sensor,’ which searches for viruses and malicious attacks.
‘One of the tricky parts of security software is it needs to have absolute privileges over your entire computer in order to do its job,’ Thomas Parenty, a cybersecurity consultant and former National Security Agency analyst, told the New York Times.
‘So if there’s something wrong with it, the consequences are vastly greater than if your spreadsheet doesn’t work.’
The incident impacted Microsoft’s 365 apps and Azure service that are used by more than 50 percent of Fortune 500 companies and eight of the top financial institutions across 43 US states.
Microsoft 365 is a cloud-powered platform that helps businesses protect against cyber threats and keep information secure and private for shared files and email messages and links.
Its Defender for Office app helps prevent, detect and respond to phishing and ransomware threats.
Azure is a cloud firewall security service that provides threat protections for files, data and other apps.
How did the outage disrupt airlines, banks and other companies?
Millions of passengers were left stranded at airports as major airlines grounded planes in the wake of the Crowdstrike outage.
Airlines including Delta, United and American grounded all planes, stranding millions of people at airports around the world.
Public transit systems in New York City and Washington, D.C. saw citywide delays, as arrival information was unavailable for many routes at the stations and on the apps.
‘This technical outage impacts our ability to see train locations, so we cannot provide that information,’ NYCT Subway wrote on X.
Airlines rely on Microsoft systems for nearly all of their technology, from traffic control and check-in desks to scanning passengers’ boarding passes, all of which were impacted by the outage.
Customers have been warned by the New York Port Authority not to travel to nearby airports unless they received a confirmation that their flight was scheduled to depart on time.
Major government offices were forced to close including the Social Security Administration which said the incident had shut down numerous services.
It said to expect longer than usual wait times for its national 800 number and said some online services will be unavailable.
The system failure has also impacted TD Bank, Visa and Bank of America, leaving clients unable to get hold of their money until the systems are reinstated.
Meanwhile, it also caused 911 and non-emergency call centers to go down in several states including Alaska, Ohio, Texas and New Hampshire but it remains unclear how widespread the issue is.
Hospitals across the US were likewise impacted, forcing them to turn patients away and delay or reschedule procedures.
The Harris Health Quentin Mease Health Center in Houston said it was canceling all elective procedures and outpatient care, while Mass General Brigham in Boston told The Boston Globe that ‘all previously scheduled non-urgent surgeries, procedures, and medical visits are cancelled today.’
Crowdstrike, an Austin-based cybersecurity specialist, provides software to 29,000 customers to protect their online systems against cyberattacks and security breaches. The outage came after the company deployed its ‘Falcon Sensor’ software that caused all computers using Microsoft Windows to crash, with airlines being the hardest hit.
What is Crowdstrike doing to fix the problem?
Crowdstrike is currently working with the customers impacted by the Falcon Sensor update and the company’s CEO, George Kurtz, posted on X that it didn’t affect customers who were using Mac and Linux hosts.
‘This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed,’ Kurtz said.
‘We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.
‘We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels.
‘Our team is fully mobilized to ensure the security and stability of CrowdStrike customers.’
The cybersecurity company has suggested that companies manually reboot each computer in safe mode, delete a specific file and restart the computer normally.
‘There is a workaround, but it requires manually tampering with Windows systems files in recovery mode,’ Lukasz Olejnik, an independent cybersecurity researcher and consultant, told NY Times.
‘Such practice is in general not advised ordinarily, as mistakes may cause other problems.’
The company has not said when it expects all services to be back up and running, but Microsoft 365 said: ‘Our services are still seeing continuous improvements while we continue to take mitigation actions.
‘We still expect that users will continue to see gradual relief as we continue to mitigate the issue.’
Tech market analyst Dan Ives told DailyMail.com that the global outage is ‘an epic disaster’ and it ‘will take 24 to 36 hours to fully get under control.’