Massive IT outage hits airlines, hospitals and banks around the globe

CrowdStrike update causes Windows to crash

Massive IT outage affects airlines, hospitals and banks around the globe. Source: Downdetector

A massive global IT outage is currently affecting hospitals, banks, airlines, train companies, broadcasters and thousands of other businesses and services across the world, with users reporting Windows crashes and the Microsoft 'blue screen of death' (BSOD).

The disruption was caused by a CrowdStrike Falcon update. CrowdStrike Falcon is a widely used agent-based cybersecurity platform designed to protect endpoints and cloud workloads. Unfortunately, in this case it brought them down.

George Kurtz, CEO of CrowdStrike, said in a statement: "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted.

"This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organisations ensure they're communicating with CrowdStrike representatives through official channels. Our team is fully mobilised to ensure the security and stability of CrowdStrike customers."

In an email to Computing, Ilkka Turunen, field CTO at Sonatype, said:

"The update causes a BSOD loop on any Windows machine essentially making it boot and crash on an infinite loop.

"Making it worse is the fact that there are a significant number of Windows machines that the update was auto-installed on overnight. There are workarounds that customers of theirs will apply, but it seems to be very manual."

The incident demonstrates the inter-connectedness of IT infrastructure, and how each piece of the puzzle is vulnerable to faults in others. While there was no malicious intent behind this incident, it shows how such an attack might spread, he added.

"It's definitely a supply chain style incident - what it shows is that one popular vendor botching an update can have a huge impact on its customers and how far a single well-orchestrated update can spread in a single night."

The Downdetector site shows the issue starting around 6 am BST, with numerous businesses affected, including VISA, Tesco, Sky News and the Post Office.

Delays and cancellations are reported across the UK rail network, according to National Rail, including on the following lines: Avanti West Coast, c2c, Gatwick Express, Great Northern, Great Western Railway, Hull Trains, London Northwestern Railway, Lumo, Merseyrail, Northern, Southern, Thameslink, Transport for Wales, TransPennine Express, and West Midlands Railway.

Around the world numerous airports have had to close, supermarket checkouts are not working, and thousands of GP and hospital appointments have been cancelled or postponed. Sky News is now back on air after an earlier shutdown.