Global IT outage takes down airlines, banks, 911 services, more; CrowdStrike to blame

Global IT outage caused by CrowdStrike | Screengrab of crashed Windows PC

A huge mistake by cybersecurity company CrowdStrike has caused a global IT outage on a massive scale, with airlines, banks, health services, and more affected – including some 911 centers.

United, Delta, and American Airlines are among the airlines that have been forced to ground flights. Broadcaster Sky News was taken off-air for several hours. Many retailers have been unable to accept payments. In short, it’s chaos out there …

CrowdStrike’s security software is used by a huge number of companies and other organizations, and a faulty update caused Windows PCs around the world to crash and enter a reboot loop, leaving them completely unusable.

The company’s CEO admitted responsibility for the mess, but downplayed its impact (“a defect found in a single content update”) and, notably, completely failed to apologize.

CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted.

This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers.

The internet was quick to point out this omission.

Bro just stopped the entire world and probably caused millions in damages and doesn’t even apologize 💀

— Ameer (@SynthPotato) July 19, 2024

To make matters worse, if that is possible, the company put the notice behind a client login – leaving many customers unable to even see it because their work PCs were down, meaning they had no access to the password managers needed to log in.

The severity of the issue, with PCs unable to reboot, means it’s going to take a significant amount of time for affected organizations to fix.

There is a workaround, but that will currently need to be implemented on a PC-by-PC basis.

  1. Boot Windows into Safe Mode or the Windows Recovery Environment
  2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
  3. Locate the file matching “C-00000291*.sys”, and delete it. 
  4. Boot the host normally. 
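
Steps 2 and 3 of the workaround as a PowerShell script for an elevated prompt in Safe Mode. This is an added example, not CrowdStrike's own tooling or code from the original article; the -WindowsRoot parameter is an assumption, included for hosts where the affected installation is not at C:\Windows.

```powershell
# Added example (not CrowdStrike tooling). Run elevated, in Safe Mode.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    # Assumption: root of the affected Windows installation. Override it when
    # the OS volume is mounted under a different drive letter.
    [string]$WindowsRoot = 'C:\Windows'
)

$driverDir = Join-Path $WindowsRoot 'System32\drivers\CrowdStrike'
$pattern   = 'C-00000291*.sys'   # file name pattern from step 3

if (-not (Test-Path -LiteralPath $driverDir -PathType Container)) {
    Write-Error "Directory not found: $driverDir"
    exit 2
}

# Match regular files directly inside the directory only: no recursion,
# so nothing else in the sensor's folder can be touched.
$targets = @(Get-ChildItem -LiteralPath $driverDir -Filter $pattern -File -Force)

if ($targets.Count -eq 0) {
    Write-Output "No file matching $pattern in $driverDir; nothing to delete."
    exit 0
}

foreach ($file in $targets) {
    # Record name, size, timestamp and hash before deletion for the change log.
    $hash = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
    Write-Output ("{0}  {1} bytes  modified {2:u}  sha256 {3}" -f `
        $file.Name, $file.Length, $file.LastWriteTimeUtc, $hash)

    # Honors -WhatIf and -Confirm: with -WhatIf nothing is deleted.
    if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete')) {
        Remove-Item -LiteralPath $file.FullName -Force
    }
}

# After a real run, confirm no matching file is left before rebooting (step 4).
if (-not $WhatIfPreference) {
    $left = @(Get-ChildItem -LiteralPath $driverDir -Filter $pattern -File -Force)
    if ($left.Count -gt 0) {
        Write-Error "$($left.Count) matching file(s) still present in $driverDir"
        exit 1
    }
    Write-Output "Removed $($targets.Count) file(s). Reboot the host normally."
}
```

Running the script with -WhatIf first lists the matching files and their hashes without deleting anything.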

As the company notes, Macs aren’t affected, but a lot of the services Mac users need to access will be down today.

Screengrab courtesy of Mukul Sharma
