A widespread Microsoft outage linked to cybersecurity firm CrowdStrike disrupted public services in San Diego County and air travel at San Diego International Airport on Friday.
Downdetector, a website that tracks user-reported internet outages, recorded an increase in service disruptions for Visa, ADT Security, Amazon and major US airlines including Delta Air Lines and United Airlines.
Similar outages affected local services, including the airport, the San Diego County Sheriff’s Department and the San Diego County Superior Court.
CrowdStrike CEO George Kurtz posted on social media platform X that the company is “actively working with customers affected by the flaw found in a single content update for Windows hosts.”
He added that the incident was not security-related or the result of a cyber attack.
“The issue has been identified, isolated and a fix has been deployed.”
The issue affected Microsoft 365 apps and services, and disruptions continued to grow even after the company said it was gradually fixing it.
Microsoft 365 posted on X that the company was “working to reroute affected traffic to alternate systems to more quickly mitigate the impact” and that it was “seeing positive trends in service availability.”
Here’s what’s affected in San Diego:
San Diego International Airport
The airport had seen about 73 delays and 15 cancellations by 8 a.m. Monday, affecting nearly every airline, according to flight-tracking website FlightAware. About 196 flights were delayed in and out of the airport on Thursday.
“Due to numerous flight delays, SAN passengers should check with their respective airlines before traveling to the airport today,” the airline said in a post on X.
The airport did not attribute delays to the global outage, but several domestic airlines reported being affected.
The FAA said three airlines – United Airlines, Delta Air Lines and Allegiant Air – had grounded all flights. American Airlines lifted its suspension just after 2 a.m. PST and said it was able to “safely resume operations.”
FlightAware reported that about 1,000 flights have been canceled nationwide and more than 12,000 others are delayed.
Frontier Airlines’ ground suspension was lifted shortly after midnight, and the company said it has so far resumed normal operations.
Currently, Southwest and Frontier Airlines appear to be operating normally.
Scripps Health
Scripps Health said it was affected by the outage because it’s a CrowdStrike customer. The company said patients were not affected and electronic medical records are available. In affected areas, “alternative processes have been implemented to maintain normal operations, however, we continue to analyze the impact of this issue.”
MTS
San Diego transit authorities said scheduled service delays may occur as a secondary effect of the power outage, and many officials have experienced delays at the border, with wait times reported as more than four hours.
Border Crossing
A global technology outage affected U.S. Customs and Border Protection operations, causing long wait times for people crossing the border on Friday morning. The agency said it was working to mitigate the impact on trade and travel.
“During this time, travelers may experience longer than normal wait times at airports and land border checkpoints. All CBP applications are operational, including the Automated Commercial Environment, CBP One, Expedited Arrival and the Global Entry mobile app. We continue working to restore our systems to full operation and will provide updates as they become available,” CBP said in a statement.
San Diego County Sheriff’s Department
The sheriff’s office said the damage lasted about five hours, with most computers back up and running by 8 a.m. The goal was to have everything up and running by noon.
“We worked immediately and diligently throughout the night to manually process those under arrest while prioritising reception and medical facilities. All are safe,” police said in a statement.
San Diego County Superior Court
The Superior Court said it has been affected by the power outage and is prioritizing repair work in the courtrooms.
“If you were scheduled to appear in court this morning, please come to court as scheduled,” the court said in a statement. “If remote appearances are permitted and you were scheduled to do so, you may do so, but if your courtroom has not yet been repaired you may need to wait in the Microsoft Teams ‘lobby.’ We hope that all courtrooms will be in session later this morning.”
The court said the online application system and telephone are operational.
This story will be updated with the latest developments.
What is CrowdStrike Falcon?
Founded in 2011 and based in Texas, CrowdStrike is a cloud-based cybersecurity platform used by much of the global technology market. CrowdStrike claims that more than half of the Fortune 500 companies use its software, called Falcon, to secure their systems against malware and cyberattacks.
How does CrowdStrike work?
Falcon offers a feature called “endpoint detection and response,” which means that if Falcon detects a threat, it can not only alert the enterprise but also terminate the threat itself.
“Falcon Prevent can prevent malicious code from executing, block zero-day attacks, kill processes, and contain command and control callbacks,” the company said in a FAQ.
To achieve this, the software must have broad privileges to run across the computer’s internal systems and programs. Due to the integrated network between Falcon and the computer’s core software (in this case, Microsoft 365), if Falcon crashes or malfunctions, it can have a ripple effect within the core systems.
What caused Friday’s global IT outage?
CrowdStrike CEO George Kurtz said Friday’s outage was not the result of a security incident or cyberattack. Kurtz said there was a flaw in “a single content update for Windows hosts.” The issue affected Microsoft 365 apps and services.
Mac and Linux hosts were not affected.