A routine software update set off a chain of disruptions on Friday that affected businesses around the world, from airports and banks to retailers and law enforcement agencies.
This wasn’t a cyber attack, but rather a flawed update deployed by one of the world’s largest cybersecurity companies in an attempt to protect their customers from hackers.
CrowdStrike, an Austin, Texas-based cybersecurity firm widely used by businesses and government agencies that use Microsoft computers, said the problem was caused by a flaw in one of its updates for computers running the Windows operating system.The result was perhaps the largest global information technology outage in history.
Here’s what we know:
What influenced you?
The outage appears to have affected nearly every major business sector in some way.
The problem caused significant delays and cancellations at airports and flights around the world as computers essential to those services were taken offline, with the three largest US airlines, American Airlines, Delta Air Lines and United Airlines, all grounding their flights due to communications issues.
Long lines formed at airports from Berlin to Hong Kong after electronic systems failed, forcing staff to check passengers in manually. One traveler in the Indian city of Hyderabad posted a photo of something unusual not usually seen in the modern digital age: a handwritten boarding pass.
Follow real-time updates on global technology outages
The problem also affected banks, with some customers unable to access their savings. People in Australia, New Zealand and elsewhere reported being unable to log into their accounts at major retail banks, while the London Stock Exchange, Europe’s largest stock exchange, said it was able to continue trading but had some service disruptions.
In the retail sector, McDonald’s closed some stores in Japan after what it described in an online statement as a “cash register malfunction,” while British grocery chain Waitrose was forced to post handwritten notices informing customers that it only accepts cash. Some Starbucks stores temporarily closed after the company’s mobile ordering system went down, while others remained open and baristas had to scramble to come up with new workflows.
The Baltic Hub, an international shipping terminal in Poland, said in a statement that it was dealing with issues related to the outage. The Alaska State Police was among the law enforcement agencies that reported problems warning that 911 was temporarily not working, and British broadcaster Sky News, owned by NBCUniversal parent Comcast, was temporarily taken off the air.
Initial reports suggest the issue was avoided on some computers that were not powered on during the software update.
What causes this?
Cybersecurity programs like CrowdStrike are frequently updated automatically to keep up with new tactics discovered by malicious hackers, and there’s always a slight risk that software updates will make them incompatible with other programs.
CrowdStrike’s updates were supposed to be routine, but an error in the code conflicted with Windows, with devastating results.
Some customers will have their computers fixed automatically, while others will have to do it manually, CEO George Kurtz said on the “Today” show Friday morning.
“An update was sent to our systems, but that update had a software bug that caused problems with the Microsoft operating system,” Kurtz said. “Our systems are constantly monitoring for the latest attacks from external adversaries.”
How long will it take for things to get back to normal?
CrowdStrike identified the issue and released a fix early Friday morning when the problems began to surface. On Friday afternoon, Kurtz released a statement apologizing for the outage, adding that CrowdStrike is “operating normally.”
The fix required affected computers to download a separate software update, but some computers were able to download it automatically.
Many businesses and services affected by the disruption, including the New Hampshire Department of Safety, said their 911 systems were down for a time, only to report they were back up and running by Friday morning.
Some users may not be able to load the update, and IT staff at some companies may have to reboot affected computers one by one to make adjustments.
“Many customers have rebooted their systems and we have made a fix on our side and they will be back up and operational,” Kurtz said. “For some of the systems that are not back up, we are working on that, so for those systems that are not automatically back up, it may take some time.”
