Worldwide IT outage leaves major airlines, media, and banks scrambling

The cause of the worldwide IT outage has been revealed to have been caused by CrowdStrike's Falcon service, find out more about them here. The company recently pushed an update for its CrowdStrike Falcon platform that appears to have been catastrophically wrong. Microsoft, whose operating system it appears to be affecting the most have also been working on getting a fix for the issue, however, it is likely largely out of their control.

Microsoft took to X on its 365 account to state: “We're investigating an issue impacting users' ability to access various Microsoft 365 apps and services.”

George Kurtz, the CEO of Crowdstrike, has since released a statement:

"Crowdstrike is actively working with customers impacted by a defect found in a single content update for Windows hosts.

"Mac and Linux hosts are not impacted. This is not a security incident or cyberattack.

"The issue has been identified, isolated and a fix has been deployed.

"We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.

"We further recommend organisations ensure they’re communicating with Crowdstrike representatives through official channels.

"Our team is fully mobilised to ensure the security and stability of Crowdstrike customers."

Australia has experienced significant disruptions: flights are grounded, supermarkets are facing checkout chaos, and broadcast networks are struggling with on-air issues due to autocue, graphics, and computer failures.

A spokesperson for Australia's Home Affairs Minister indicated that the outage seemed linked to an issue at global cybersecurity firm CrowdStrike. The country's cybersecurity watchdog stated that there was no information suggesting an attack.

According to Reuters, the London Stock Exchange also suffered an outage. Meanwhile, Alaskan officials reported that many 911 and non-emergency call centres were not functioning properly.

In the UK, Sky News has been knocked completely off air due to the problems, the channel unable to broadcast its usual live morning show. Additionally, train companies up and down the country are reporting issues, including Southern, Thameslink, Gatwick Express and Great Northern. The NHS has also reported problems, especially in regards to its GP booking and referrals systems, GP's have now switched to seeing only the most crucial patients to ease the load.

Spain and Germany are other European nations whose airports are suffering, with Berlin Airport, and various airports across Spain reporting delays in check-ins, automated processes, and electronic boards.

Ryanair has also stated that its services have been affected by the outages, with delays and grounded flights expected.

US airlines United, Delta and American Airlines, have since issued an official complete global grounding of all flights as the problems continue.

These are just a few of the many problems caused by CrowdStrike's blunder. With 24,000 business as customers, CrowdStrike's reach spans far, and has caused countless problems for businesses in every sector around the globe.

Al Lakhani, CEO of IDEE, adds: "Many people might be thanking Microsoft for their accidental day off, but countless businesses are suffering due to Microsoft's and their partners' failure to maintain their services. This incident underscores the importance of businesses thoroughly researching and vetting their cybersecurity solutions before implementation. Microsoft clearly fell short in this regard, and we are witnessing a cascade of operational failures around the world as a result.

"CrowdStrike’s platform approach, which relies on a single agent focused on detection, might seem good at first glance, but as we can see, it can create significant issues. For instance, agents require installation and maintenance of software on multiple different OSes, adding layers of complexity and potential points of failure. Moreover, agents can become a single point of failure, as a bad update can compromise the entire network, as seen with the SolarWinds attack.

"The lesson here is blindingly obvious: investing in cybersecurity is not just about acquiring the latest or most popular tools but ensuring those tools are reliable and resilient. This is why businesses must prioritise agentless solutions like MFA 2.0, which reduce the risk of widespread failures and ensure more resilient defences."

Keiron Holyome, VP UK & Emerging Markets, BlackBerry Cybersecurity: “Given this outage is impacting some of the most critical systems, networks and applications in the world, the response must be met with speed, accuracy, and accountability. Here, a critical event management (CEM) solution can provide real-time visibility to ensure a quick and informed response as the crisis evolves. It is too early to say the exact root cause, however, this is likely another example of legacy cybersecurity practices in play, with complex EDR and heavy endpoint agents a major infrastructure risk and unnecessarily complex. Using a lightweight AI on the endpoint can avoid these types of outages, as it protects your environment without heavy agents and regular updates that put your operations at risk.”

“More broadly, today’s global IT outage serves as a stark reminder that the best defence is a good offence. Understanding your vulnerabilities and risks through regular testing is paramount, not only when deploying new software but consistently over time. To protect against potential threat actors who seek to take advantage of IT outages, a combination of AI-enabled internal and external penetration testing assessments remains vital. These reveal how an outside threat actor with authorised access, or one starting from within the internal network, could compromise assets through ever-evolving tactics, techniques and procedures. The performance and security of your systems is only as good as its least secure hardware and software components, so blind spots need to be addressed as a priority to keep companies operating as usual.”