NEW YORK (AP) â Much of the world faced online disarray Friday as a widespread technology outage affected companies and services across industries â grounding flights, knocking banks and hospital systems offline and media outlets off air.
At the heart of the massive disruption is CrowdStrike, a cybersecurity firm that provides software to scores of companies worldwide. The company says the problem occurred when it deployed a faulty update to computers running Microsoft Windows, noting that the issue behind the outage was not a security incident or cyberattack.
People are also readingâŠ
CrowdStrike has said a fix is on the way. Still, chaos deepened hours after the problem was first detected.
Hereâs what you need to know.
How did Fridayâs âblue screenâ outage emerge?
Fridayâs disruptions began when a faulty update was pushed out from CrowdStrike for one of its tools, âFalcon.â In a statement about the ongoing situation, the company said the defect was found âin a single content update for Windows hostsâ â noting that Mac and Linux systems were not impacted.
But, because scores of companies rely on CrowdStrike for their security needs with Windows as their operating system, the consequences of this kind of technical problem have been far-reaching. As a result, affected computer after computer showed the âblue screen of deathâ error message.
Long lines formed at airports in the U.S., Europe and Asia as airlines lost access to check-in and booking services during peak summer travel â disrupting thousands of flights. Banks in South Africa and New Zealand reported outages impacting payments. Some news stations, particuarly in Australia, were unable to broadcast for hours. And hospitals had problems with their appointment systems, leading to delays and sometimes cancelations for critical care, while officials in some U.S. states warned of 911 problems in their areas.
Elsewhere, people experienced more minor inconveniences, including trouble ordering ahead at Starbucks, causing long lines at some of the coffee chainâs stores. Some billboards in New York Cityâs famous Times Square also went dark.
Experts stress that Fridayâs disruptions underscore the vulnerability of worldwide dependence on software that comes from only a handful of providers.
âIt is an âall our eggs are in one basketâ situation,â Craig Shue, professor and computer science department head at Worcester Polytechnic Institute, said in emailed commentary. âThis lets us make sure our âbasketâ is high quality: the software provider tries to identify threats and respond to them quickly. But at the same time, if anything goes wrong and the basket fails, we have a lot of broken eggs.â
What is CrowdStrike?
CrowdStrike is a U.S. cybersecurity company that provides software to companies around the world and across industries. It bills itself as being the globeâs most advanced cloud-based security technology provider.
âWe stop breaches,â the cybersecurity firm writes on its website.
According to the companyâs website, CrowdStrike was founded in 2011 and launched in early 2012. CrowdStrike listed on the Nasdaq exchange five years ago. Last month, the Austin, Texas company reported that its revenue rose 33% in the latest quarter from the same quarter a year earlier â logging a net profit of $42.8 million, up from $491,000 in the first quarter of last year. The company reported having 29,000 subscribing customers.
CrowdStrike has a partnership with Amazon Web Services and its âFalcon for Defenderâ security technology is designed to supplement Microsoft Defender to prevent attacks.
Is there a fix?
Disruptions on Friday have continued hours after CrowdStrike first identified the issue. But both the company and Microsoft say that theyâre working to get systems back online.
In an emailed statement, Crowdstrike said that it was âactively working with customers impacted by a defect found in a single content update for Windows hostsâ â adding that a fix âhad been deployedâ for the identified issue.
Crowdstrike President and CEO George Kurtz later apologized. âWe understand the gravity of the situation and are deeply sorry for the inconvenience and disruption,â he wrote on social media platform X.
Microsoft spokesperson Frank X. Shaw said that the company was âactively supporting customers to assist in their recovery.â Both CrowdStrike and Microsoft are also appearing to engage IT personnel on official online channels, such as Reddit.
While the problem is fixable, it requires some expertise â and its impacts could last long past Friday. Some cybersecurity experts warn of bad actors who may reach out claiming they can help. Smaller companies or organizations with less IT resources are particularly at risk.
Gartner analyst Eric Grenier noted that those impacted should make sure theyâre talking to trusted organizations as they work towards recovery. âAttackers will definitely prey on organizations as a result of this,â he said.
Copyright 2024 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.
