The Crowdstrike outage last week wreaked havoc and demonstrated that relying on individual systems might have serious implications.
The CrowdStrike outage in July impacted thousands of businesses globally, temporarily paralyzing servers and computers.
July 19, 2024, is likely to be remembered as a historic date. On that particular day, practically nothing functioned digitally. Flights were canceled at multiple airports, Windows-powered PCs crashed in masse, and some government agencies were unable to function correctly. Banks, hospitals, and emergency facilities have to deal with constraints. And why? Crowdstrike has improved its cyber security software “Falcon”. And, because this software solution is utilized by tens of thousands of business clients in over 170 countries, a single fault in the upgrade had a worldwide impact.
8.5 million PCs were impacted.
In an interview with Wirtschaftswoche, Tim Schughart of IT security service provider Prosec questioned the fact that the problem was discovered during quality assurance. This mistake should not have occurred. He couldn’t believe that the upgrade had been tested successfully. Joachim Selzer of the Chaos Computer Club, on the other hand, claims that the focus on a few suppliers in the IT sector has resulted in a cluster danger. More testing, more attentive upgrades, or greater variety among service providers might reduce the likelihood of such errors.
And this outage certainly had it all. According to Microsoft’s first estimates, the Crowdstrike outage affected around 8.5 million PCs. Although this represents just around 1% of all Windows PCs, the impact was huge. Although Crowdstrike responded quickly and offered an update patch the same day, it did not arrive in time to take effect in Australia, for example, due to time differences. A government emergency meeting was even called on short notice.
Tool for Windows PCs published.
Microsoft and Crowdstrike are also developing solutions to help IT managers get failed Windows PCs back up and running. In addition to step-by-step instructions, Microsoft has released a little utility to help speed up the process of repairing PCs. In a word, the utility functions as a bootable USB device, automatically performing all updates when run. The PC should then resume its normal operation.
In the same sentence, Microsoft slammed the European Union. As early as 2009, the European Commission gave in and granted security software developers access to specific APIs in the Windows client and server operating systems. This was done to promote competitiveness. That works. However, we can see how giving up crucial operating system infrastructure to increase competition may backfire. The Microsoft employee could not be identified by name, but the EU-Microsoft agreement did exist.
Windows 95 was unaffected.
However, the crowdstrike miscalculation resulted in some extremely interesting discoveries. Southwest Airlines from the United States stated on the day of the incident that they had encountered no disruption. Background: The majority of Southwest Airlines’ systems continue to run on the extremely antiquated Windows 3.1 and Windows 95 operating systems, which sparked widespread criticism before the outage for potentially failing to meet security requirements. It is now clear that the whole situation may be examined more distinctly.
There were no outages in Russia, either. Again, the reason for this is that Crowdstrike has not done business with Russian corporations since 2022, because of Russia’s aggressive conflict against Ukraine.