What caused the Microsoft IT outage that broke flights, banks and trains across the world?
One piece of software appears to have brought airports and TV stations to a standstill
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.A widespread computer outage left flights grounded, TV stations offline and much of the world’s infrastructure not working on Friday.
Cyber security experts said the outage was “unprecedented” in its reach, affecting many of the world’s biggest companies.
The cause of the problems was initially mysterious: Windows computers showed a blue screen of death, or BSOD, as if they had just spontaneously stopped working.
But as the outage has spread over Friday, the cause of the problems has become more clear.
The issue appears to be related to a faulty update at cyber security company CrowdStrike. That appears to have been installed overnight – leaving computers unable to turn on properly afterwards.
The company has since rolled back the update. But that does not fix those computers that have already been affected by the problems.
Representatives have given a workaround that involves turning the computer on in a special mode and then deleting the problem file. But that requires administrators to access a computer – which may be difficult when they are being used remotely.
CrowdStrike has said it is “aware of reports of crashes on Windows... relating to the Falcon sensor.” Falcon is a piece of software that monitors computers and watches for anyone trying to break into them.
To do so, it requires extensive access to the central parts of the computer. That means that any bugs in the software can have a widespread and deep impact – as the world found on Friday.
Callers to the company’s technical support phoneline have been met with a recorded phone message saying they are aware of issues on Friday morning. CrowdStrike has advised affected customers to log on to their customer service portal for assistance.
Toby Murray, associate professor in the School of Computing and Information Systems at The University of Melbourne, Australia, said it was possible a “buggy” update to one of global cybersecurity firm CrowdStrike‘s products may have been the cause of the global outage.
“CrowdStrike Falcon has been linked to this widespread outage,” he said.
“CrowdStrike is a global cyber security and threat intelligence company. Falcon is what is known as an Endpoint Detection and Response (EDR) platform, which monitors the computers that it is installed on to detect intrusions - hacks - and respond to them.
“That means that Falcon is a pretty privileged piece of software in that it is able to influence how the computers it is installed on behave.
“For example, if it detects that a computer is infected with malware that is causing the computer to communicate with an attacker, then Falcon could conceivably block that communication from occurring. If Falcon is suffering a malfunction then it could be causing a widespread outage for two reasons - one: Falcon is widely deployed on many computers, and two: because of Falcon’s privileged nature.
“Falcon is a bit like anti-virus software: it is regularly updated with information about the latest online threats (so it can better detect them). We have certainly seen anti-virus updates in the past causing problems. It is possible that today’s outage may have been caused by a buggy update to Falcon.”
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments