Updated July 19, 2024 at 15:17 PM ET
A technological meltdown left employees of airlines, banks, hospitals and emergency services around the world staring at the dreaded “blue screen of death” on Friday as their computers went inert in what is being described as a historic outage.
“This is basically what we were all worried about with Y2K, except it's actually happened this time,” internet security analyst Troy Hunt said via X.
From continent to continent, Microsoft users reported being suddenly knocked offline, and the culprit was determined to be cybersecurity company CrowdStrike, which says one of its routine software updates malfunctioned.
“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” the company said in a statement.
Customers using Mac and Linux operating systems were not affected, CrowdStrike said.
When the faulty update crashed computer systems, scores of airport travelers were stranded, hospital appointments were delayed and live news broadcasts were cut short.
How big is the outage?
It is massive, far-reaching and sudden.
Some computer problems cascade, creating ripples of failures. But in this case, the flaw permeated Microsoft systems worldwide nearly immediately. The company says its Windows 365 Cloud PCs, apps and services were affected.
Microsoft Windows remains the dominant desktop operating system worldwide, with more than 72% market share, according to the Statcounter website. The CrowdStrike problem does not directly affect all of those machines: CrowdStrike's security software is mainly used by businesses and large organizations. CrowdStrike says its customers include 43 U.S. states and nearly 300 companies in the Fortune 500.
Hundreds of thousands of Microsoft outages were reported on Friday, according to Downdetector, the website that tracks outages based on users’ reports.
In 16 hours, 311,000 global outage reports came in, Michelle Badrian, senior communications manager at Ookla, which owns Downdetector, told NPR. Of that figure, she added, 58,000 reports were from the U.S., 26,000 from the U.K., and 20,000 from India. Large numbers of reports also came in from Germany, Canada and Australia.
There are signs that relief is on the way: Badrian said that as of midday Friday ET, “we are observing report volumes declining both for Microsoft services and for all services overall.”
While server-related outages are common, the scale of the CrowdStrike disruption was astonishing to many tech observers.
“This IT outage is a stark reminder of how dependent we are on technology and many other things that happen behind the scenes that most of us are unaware of,” said Louisville-based tech executive Adam Robinson on X. “Modern society and the many comforts we enjoy is a fragile thing.”
What about air travel?
More than 2,000 flights originating or landing in the U.S. were canceled as of noon ET Friday, and more than twice that number were delayed, according to the FlightAware tracking site.
Delta Air Lines, United Airlines and American Airlines announced they were resuming some or all of their scheduled flights after initially being grounded when the problem struck their systems. The airlines also said they were issuing waivers to affected customers.
Amsterdam’s Schiphol Airport — a major hub for long-distance flights — said a "global system failure" impacted incoming and outgoing flights on one of the busiest days of the year.
Landings at Zurich airport were suspended and flights in Hungary disrupted.
Spanish airport operator Aena reported a computer systems “incident” at all Spanish airports that it said could cause delays.
What other kinds of services went offline?
In some states, including Alaska and Ohio, 911 phone lines were down.
The U.K.’s National Health Service has been widely affected. The NHS said Friday that doctors’ appointments and patient records had been affected but that there was no known impact on emergency services. The BBC reported that two-thirds of doctors’ practices in Northern Ireland had been affected, with doctors unable to access patient records, generate prescriptions or see the result of laboratory tests.
In Germany, some hospitals canceled non-emergency operations.
Broadcasters around the world were also affected. In France and Australia, live television broadcasts were knocked offline.
Sky News, a major U.K. news channel, was off air for a time on Friday morning. It later returned, but without “full capabilities,” its chairman, David Rhodes, said on X Friday afternoon. A post on Australia’s ABC News website said the broadcaster was experiencing a “major network outage.”
The London Stock Exchange’s news service stopped working. Shipping in the Baltic was also impacted, with the container hub of Gdansk in Poland hit by major disruptions.
How do people fix their computers?
CrowdStrike says the problem was not a cyberattack, but rather a software glitch. The company said that after identifying the issue, it withdrew the "problematic channel file" that was affecting customers' systems.
Because of that move, if a Windows system with CrowdStrike's Falcon sensor was brought online after 1:27 a.m. ET Friday, the company said, it wouldn't be affected.
It also published a workaround that involves booting a Windows machine in a recovery environment, deleting a single file in the CrowdStrike directory, and restarting.
What is CrowdStrike?
It’s a U.S. cybersecurity firm based in Austin, Texas. The company went public in 2019 and is currently in the S&P 500 index. As of early July, CrowdStrike’s stock had been riding months of gains. But share prices fell sharply in early trading Friday.
“This is clearly a major black eye for CrowdStrike,” said Wedbush analyst Dan Ives.
CrowdStrike made headlines in 2016, when the company was hired by the Democratic National Committee to investigate a breach of its data systems. CrowdStrike determined that the hack was a case of foreign interference — the work of Russian-backed hacking groups.
The company’s marquee product is its “Falcon” cybersecurity software — and it traced the current problem to a change in a sensor in that system. That also helps explain how and why the resulting failures might have spread so quickly: Rather than being stored locally, the Falcon security platform “is 100% cloud-based.”
The company apologized for the outages on Friday, stating, "We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption."
Copyright 2024 NPR