On the evening of July 18th, and extending into the early hours of the next day, a flawed software update highlighted our reliance on the delicate, technology-driven systems that subtly support our medical appointments, flight itineraries, and access to our bank accounts. This international IT disruption affected nations worldwide, with the cybersecurity firm CrowdStrike at the center of the incident.
Sean Connery (no, not THAT one!), co-founder and chief security officer of Orbis Solutions, Inc., shared part of the message his leadership team sent to clients on the following Friday:
“In the last 10 to 12 hours, there have been widespread reports of a significant IT outage occurring globally. Current insights attribute the problem to a problematic CrowdStrike update that causes Windows systems to abruptly crash with a blue screen of death, often leading to endless boot loops. The update appears to primarily impact systems using CrowdStrike’s EDR (Endpoint Detection and Response) Falcon Sensor. …The ramifications of this outage are substantial, as various sectors including airlines, banking, telecommunications, healthcare services, and other critical infrastructures are facing significant service interruptions as a consequence. Up to now, all intelligence suggests this is a malfunctioning update rather than a coordinated global cyber-attack.”
For those less familiar with the technical jargon, Connery explains further. “CrowdStrike, a cybersecurity firm, offers Falcon, an advanced endpoint detection and response tool that significantly surpasses traditional antivirus software,” he stated during an interview with SUCCESS. “They issued an update, and now users encounter a blue screen of death when attempting to boot their Windows devices, rendering them inoperable. The solution is to restart [your] computer in safe mode and remove this update. For larger corporations affected, it will require some time to go from one machine to another to uninstall this update.”
Exploiting chaos—how global IT outages facilitate nefarious activities
As with any calamity, whether stemming from technology failures or natural disasters, nefarious individuals often seize the opportunity amid the turmoil.
“Threat intelligence has identified suspicious behaviors from individuals impersonating CrowdStrike support to offer assistance to users with downed systems. It’s essential to ensure you are communicating directly with a verified CrowdStrike agent,” Connery’s communication also mentioned.
He continues: “Cybercriminals and phishing schemes often provide fraudulent solutions aiming to extort or hold systems ransom.” Thus, while the worst may be behind us, those seeking tech assistance ought to remain vigilant against potential dangers.
For most in the United States, days following the outage could necessitate rescheduling flights or medical visits, in addition to waiting for assistance if their small business faced disruptions.
For instance, Cincinnati Children’s health system released a social media update on Friday stating: “Numerous Microsoft-based computer systems are offline due to the global technology outage.”
The healthcare facility postponed morning appointments and advised that “delays are probable, and families should be prepared for extended wait times.”
Is another global IT outage on the horizon?
Looking ahead, industries are focused on understanding the causes behind this event and how to mitigate the risks of future global IT outages.
Two aspects are crucial for addressing prevention and aftermath. For example, when a train schedule cannot be maintained, safety becomes a concern.
However, these are the very challenges that technology companies strive to prevent—and to minimize damage from—on a regular basis.
For instance, the 2038 issue might evoke memories for those who recall the Y2K confusion. Enterprises are currently working to prevent complications that could arise in January 2038, when programs that keep time in the “Unix” format could cause software systems to revert to the year 1901. Hence, while a global outage appears alarming to non-technical observers (as it was for many affected sectors), it is neither the first nor the last such incident that industries will face.
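The rollover behind the 2038 issue can be reproduced in a short program. The C code below is an added example, not part of the original article; it assumes a system that stores time as a signed 32-bit count of seconds since January 1, 1970 (UTC), and its function names are illustrative.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumption: the affected system keeps time in a signed 32-bit field.
   This returns what such a field holds after receiving a 64-bit value:
   the low 32 bits, reinterpreted as two's complement. */
static int32_t store_in_time32(int64_t secs) {
    uint32_t low = (uint32_t)(uint64_t)secs;
    return (low <= INT32_MAX) ? (int32_t)low : (int32_t)((int64_t)low - 4294967296LL);
}

/* Audit check: 1 if the timestamp survives a 32-bit field unchanged. */
static int fits_time32(int64_t secs) {
    return secs >= INT32_MIN && secs <= INT32_MAX;
}

/* Seconds since 1970-01-01 UTC -> "YYYY-MM-DD hh:mm:ss". Uses no libc time
   functions, so the result does not depend on the platform's time_t width. */
static void format_utc(int64_t secs, char out[20]) {
    int64_t days = secs / 86400, rem = secs % 86400;
    if (rem < 0) { rem += 86400; days -= 1; }       /* floor for pre-1970 values */
    int64_t z = days + 719468;                      /* shift epoch to 0000-03-01 */
    int64_t era = (z >= 0 ? z : z - 146096) / 146097;
    int64_t doe = z - era * 146097;                 /* day within 400-year era */
    int64_t yoe = (doe - doe / 1460 + doe / 36524 - doe / 146096) / 365;
    int64_t doy = doe - (365 * yoe + yoe / 4 - yoe / 100);
    int64_t mp = (5 * doy + 2) / 153;               /* month index, March = 0 */
    int64_t d = doy - (153 * mp + 2) / 5 + 1;
    int64_t m = mp < 10 ? mp + 3 : mp - 9;
    int64_t y = yoe + era * 400 + (m <= 2);
    snprintf(out, 20, "%04lld-%02lld-%02lld %02lld:%02lld:%02lld",
             (long long)y, (long long)m, (long long)d, (long long)(rem / 3600),
             (long long)(rem % 3600 / 60), (long long)(rem % 60));
}

int main(void) {
    char buf[20];
    int64_t last = INT32_MAX;                       /* final second 32 bits can hold */
    format_utc(last, buf);
    printf("last 32-bit second: %s UTC\n", buf);
    format_utc(store_in_time32(last + 1), buf);     /* one tick later, read back */
    printf("one second later  : %s UTC\n", buf);
    /* 2208988800 is 2040-01-01 00:00:00 UTC */
    printf("2040-01-01 fits in 32 bits? %d\n", fits_time32(2208988800LL));
    return 0;
}
```

A check like `fits_time32` is the kind of test an audit can run over stored dates such as expiry times or scheduled jobs to find values a 32-bit field would corrupt.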
How can businesses prepare for a global IT outage?
Experts are encouraging various sectors to revise their emergency protocols to account for the possibility of another global IT outage. Yet for those dependent on technology, anticipating, responding to, and alleviating the repercussions of such events is often challenging.
For example, two days after this outage, U.S. airlines continue to encounter delays and cancellations. On Sunday, FlightAware, which tracks flight statuses nationwide, noted over 34,000 delays and more than 2,000 flight cancellations. As the “blue screen of death” appeared across numerous Microsoft Windows operating systems, it served as a stark reminder of what could recur.
Both organizations and individuals can begin preparing for future occurrences, which may be similar to, or even more complex than, the recent outage. Experts recommend contemplating how to maintain essential operations and needs in the absence of the internet, including:
- Keeping cash on hand. In the event of disruptions at ATMs and banks, accessing funds may become impossible.
- Establishing contingency plans for businesses. While it may seem inconceivable to manage a business without internet access, even briefly, contemplating potential scenarios beforehand can lead to creative solutions to be utilized later.
- Reviewing your supply inventory. Do you have access to a landline phone and a radio? Is a backup generator available along with a basic emergency supply kit? Each of these can be vital during more severe outages.
While navigating a technology-reliant world can feel daunting and overwhelming, individuals and organizations can take this as a crucial warning and a chance to enhance their preparedness for upcoming outages.