Connect with us

World

What’s behind the Microsoft outage? Experts reveal the truth behind the blackout as major banks, businesses, and news channels are all struck – and say we can’t rule out a cyberattack

Published

on

What’s behind the Microsoft outage? Experts reveal the truth behind the blackout as major banks, businesses, and news channels are all struck – and say we can’t rule out a cyberattack

Microsoft is scrambling to fix the ‘massive cyber event’ that caused computer meltdowns around the world on Friday. 

Described as the ‘most serious IT outage the world has ever seen‘, the outage has hit supermarkets, banks, telcos, streaming services and PCs. 

Brits woke up to find Microsoft software and hardware affected, with airports, railways and GP surgeries also among those reporting problems

It’s all due to a ‘buggy’ security update to Falcon, a type of antivirus software that protects Microsoft Windows devices from cyberattacks. 

CrowdStrike – the company behind Falcon – is ‘actively working with customers’ who are affected, but insists it is ‘not a security incident or cyberattack’. 

A ticket machine at King’s Cross Station in central London was showing up as out of service today due to the outage that bricked computers 

Huge queues at Gatwick Airport after a massive Microsoft outage affected services, grounding flights and rendering big screens inoperable

Huge queues at Gatwick Airport after a massive Microsoft outage affected services, grounding flights and rendering big screens inoperable

The outage is due to a 'buggy' security update to Falcon, a type of antivirus software that protects Microsoft Windows devices from cyberattacks. CrowdStrike – the company behind Falcon – is 'actively working with customers' who are affected, but insists it is 'not a security incident or cyberattack'

The outage is due to a ‘buggy’ security update to Falcon, a type of antivirus software that protects Microsoft Windows devices from cyberattacks. CrowdStrike – the company behind Falcon – is ‘actively working with customers’ who are affected, but insists it is ‘not a security incident or cyberattack’

WHAT HAPPENED? 

On Friday, computers around the world started repeatedly crashing and displaying the ‘blue screen of death. 

While Australia was the first to feel the brunt of the outage, the US, UK and Europe are experiencing the chaos too, with Sky News and CBBC unable to broadcast live in the morning.

Departure boards at Gatwick and Edinburgh airports suddenly turned off, while NHS staff have described logging on to find non-clinical systems are down, meaning patients can’t book appointments. 

Manchester United and Blackburn Rovers football clubs even tweeted to say its online ticketing system is experiencing disruption, the latter describing it ‘out of our control’. 

US IT provider CrowdStrike admitted it was due to a defect in the ‘content update’ for its Falcon anti-virus software which crashed Microsoft Windows devices. 

CrowdStrike has said a ‘fix has been deployed’ for the issue – but this could take days to manifest, so problems with Windows computers could be ongoing. 

CrowdStrike CEO George Kurtz posted on X that the firm is 'actively working with customers' who are affected and said it is 'not a security incident or cyberattack'

CrowdStrike CEO George Kurtz posted on X that the firm is ‘actively working with customers’ who are affected and said it is ‘not a security incident or cyberattack’

Computers around Australia were repeatedly crashing and displaying the 'blue screen of death'. A blue error screen on a register is seen at a departmental store affected by a cyber outage in Brisbane, Australia, July 19, 2024

Computers around Australia were repeatedly crashing and displaying the ‘blue screen of death’. A blue error screen on a register is seen at a departmental store affected by a cyber outage in Brisbane, Australia, July 19, 2024

At least 48 Australian services suffered outages from Friday afternoon including supermarkets, banks, streaming services and work PCs

At least 48 Australian services suffered outages from Friday afternoon including supermarkets, banks, streaming services and work PCs

Other services affected include MyGov, NBN, Centrelink, ASX, and Australia Post, along with a number of social media entertainment services including Netflix , Facebook , Instagram , X, Xbox, Google Cloud, Open AI , Reddit, Nine, Foxtel, and the ABC

Other services affected include MyGov, NBN, Centrelink, ASX, and Australia Post, along with a number of social media entertainment services including Netflix , Facebook , Instagram , X, Xbox, Google Cloud, Open AI , Reddit, Nine, Foxtel, and the ABC

‘The near global outage appears to have been caused by a failure of systems associated with the CrowdStrike Falcon endpoint security monitoring software,’ explained Dr Mark Gregory, associate professor at RMIT University’s School of Engineering. 

‘CrowdStrike is a global multi-national software solutions provider.

‘Many businesses and organisations have found that their software systems have failed due to the software system outage. 

‘The reliance on centrally managed global software solutions can lead to significant security risks.’ 

IS IT A CYBERATTACK? 

Jake Moore, tech expert and security advisor at ESET, agreed it was likely a ‘technical fault’ from CrowdStrike, but said we can’t rule out a cyberattack behind the scenes. 

In the UK, Sky News is off air, while Britain’s biggest train company warned passengers to expect disruption because of ‘widespread IT issues’

Not in service: British railways warned passengers to expect delays because of the issue

Not in service: British railways warned passengers to expect delays because of the issue

‘At this moment it is more likely to be a huge technical fault but the fact it is possible is extremely worrying,’ Moore told MailOnline. 

‘If anything, it would make threat actors take note of this particular outage and the potential damage it can cause.’ 

Professor Jill Slay, chair in cybersecurity at the University of South Australia, said at this stage it is ‘too early to draw conclusions’, but that an attack is not impossible. 

‘While the outage may easily be a result of misconfiguration by one of these companies, or “interference” between products, the global impact is enormous,’ she said. 

‘It is possible that there is a security breach, but to me, this is instinctively unlikely.’

Cyber expert Troy Hunt told Seven News the catastrophic crisis was not affecting all Microsoft Windows computers, but many of them.

NHS staff have described logging on to find non-clinical systems are down meaning patients can't book appointments. This GP in Merseyside said it was unable to access any patient records

NHS staff have described logging on to find non-clinical systems are down meaning patients can’t book appointments. This GP in Merseyside said it was unable to access any patient records

What is CrowdStrike?

The rogue app that brought down computers across the world is ironically aimed at protecting PCs from hackers.

Crowdstrike is a security service designed to stop internet breaches for the globe’s biggest companies, but is now responsible for perhaps the biggest IT outage we have ever seen.

Computer analysts believe a badly-written bit of code in the update triggered the catastrophe and wrecked computer networks worldwide.

Crowdstrike has confirmed a faulty update was responsible for sparking the chaos.

It said in a statement this morning: ‘Crowdstrike is actively working with customers impacted by a defect found in a single content update for Windows hosts.

‘Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.

‘We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.

‘We further recommend organisations ensure they’re communicating with Crowdstrike representatives through official channels. Our team is fully mobilised to ensure the security and stability of Crowdstrike customers.’

Dr Mark Gregory, associate professor at RMIT University’s School of Engineering, said he believed an update to one of CrowdStrike’s software products, called Falcon, is ‘bricking’ computers running Windows, making them inoperable.

Cyber expert Troy Hunt told Seven News the catastrophic crisis was not affecting all Microsoft Windows computers, but many of them.

Mr Hunt said CrowdStrike creates anti-virus products that regularly update with new definitions of viruses.

‘They run in a very privileged space on the PC, which means they have a lot of control,’ he said.

‘It looks like they’ve pushed a bad update, which is presently nuking every machine that takes it.

‘It could be quite some time to get those machines back on time.’ 

Toby Murray, associate professor at the University of Melbourne’s School of Computing, agreed that CrowdStrike Falcon is a ‘pretty privileged piece of software’.

‘It is able to influence how the computers it is installed on behave,’ Professor Murray said. 

‘If Falcon is suffering a malfunction then it could be causing a widespread outage for two reasons – one, Falcon is widely deployed on many computers, and two, because of Falcon’s privileged nature.’ 

WHAT IS CROWDSTRIKE? 

The rogue app that brought down computers across the world is ironically aimed at protecting PCs from hackers.

Crowdstrike is a security service designed to stop internet breaches for the globe’s biggest companies, but is now responsible for perhaps the biggest IT outage we have ever seen.

Computer analysts believe a badly-written bit of code in the update triggered the catastrophe and wrecked computer networks worldwide.

Crowdstrike has confirmed a faulty update was responsible for sparking the chaos.

It said in a statement: ‘Crowdstrike is actively working with customers impacted by a defect found in a single content update for Windows hosts.

‘Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.

‘We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.

‘We further recommend organisations ensure they’re communicating with Crowdstrike representatives through official channels. Our team is fully mobilised to ensure the security and stability of Crowdstrike customers.’

Sky said: 'We apologise for the interruption to this broadcast. We hope to restore the transmission of Sky News shortly'

Sky said: ‘We apologise for the interruption to this broadcast. We hope to restore the transmission of Sky News shortly’ 

This 7-11 store in Australia was forced to close due to the 'global technical error'

This 7-11 store in Australia was forced to close due to the ‘global technical error’ 

Microsoft 365 said: ‘Our services are still seeing continuous improvements while we continue to take mitigation actions. 

‘We still expect that users will continue to see gradual relief as we continue to mitigate the issue.’ 

WHAT ARE THE WIDER IMPLICATIONS? 

The episode highlights how ‘dependent on technology’ society now is. 

‘Society is dependent upon technology and this is why we must have both technical and non-technical controls in place to protect us when issues arise, whether malicious or not,’ said Adam Pilton, senior cybersecurity consultant at CyberSmart. 

Windows is the most used operating system in the world, meaning the outage is affecting almost every part of the global economy - with restaurants and cafes, including the bakery chain Gail's, unable to take card payments

Windows is the most used operating system in the world, meaning the outage is affecting almost every part of the global economy – with restaurants and cafes, including the bakery chain Gail’s, unable to take card payments

‘Social media is ablaze with users reporting that they are unable to work and one user on Reddit even stated they were commenting purely to be part of history on The day that CrowdStrike took out the internet!’

‘This is very much the point of why all businesses must plan and prepare. As we are seeing, a huge dependency on individual suppliers can take down supply chains.’ 

Mark Lloyd, business unit manager at IT support firm Axians UK, called the outage a ‘stark reminder’ of how dependent the world is on cloud services. 

‘From productivity tools to critical infrastructure, a large chunk of technology runs on cloud platforms,’ Lloyd said. 

‘This outage showcases the immense power and reach these services hold. 

‘Even the biggest tech giants are not immune to disruptions, and the need for robust redundancy and disaster recovery plans across the board are more critical than ever in this day and age.’ 

What to do during an online banking and app outage 

Consumer rights advocate Which? has compiled the steps to follow when your can’t access your online banking service or app.

Such an issue usually results from an IT glitch or a maintenance update. 

– If you’re experiencing online banking or mobile app problems today, see if you can contact your bank to get things resolved.

– If you can, go to your local bank branch – especially if you urgently need to access your money.

– If you don’t have a local bank branch nearby or transport to get to it, try and call your bank and ask for its guidance on what to do.

– If the bank’s phone services are also down or phone lines are busy, try contacting your bank on social media to ask what to do – but don’t ever share your account details over social media. 

– For any reason if you suffered a financial loss because you weren’t able to access your funds, you may be entitled to compensation. 

Source: Which? 

Continue Reading