A Single Defect In A Cybersecurity Software Is Taking Down Everything From Airports To 9-1-1 Call Centers
A global outage of the security software CrowdStrike is effecting everything from international flights to global banks to average businesses around the world Friday morning. Systems are slowly returning to normal, but the effects of the outage will reverberate for the rest of the day, especially for the travelers stranded in airports by thousands of canceled flights.
‘Twister’ Remains The Greatest Car Commercial Of All Time
CrowdStrike is used by a number of Fortune 500 companies to keep their digital worlds secure, according to CNN. That’s not all—the company performs cybersecurity investigations for the U.S. government and was the first to ring the alarm over Russian election interference in 2016. Perhaps most concerning, Alaska State Troopers report that 911 services are down for the whole state, according to NBC News.
The outage is the result of a Microsoft-specific program called Falcon, which is meant to protect files upload to the cloud:
CrowdStrike’s cybersecurity software — used by numerous Fortune 500 companies, including major global banks, healthcare and energy companies — detects and blocks hacking threats. Like other cybersecurity products, the software requires deep-level access to a computer’s operating system to scan for those threats. In this case, computers running Microsoft Windows appear to be crashing because of the faulty way a software code update issued by CrowdStrike is interacting with the Windows system.
The company said the outage was not caused by a security incident or a cyberattack. Kurtz, in his post, said the issue was identified and isolated, and engineers deployed an update to fix the problem.
[…]
The massive cybersecurity company does business around the world through software sales and investigations of major hacks.
The company also helps run cybersecurity investigations for the US government. For example, CrowdStrike has tracked North Korean hackers for more than a decade, the company says. It also was tasked with tracking the hacking groups that carried out the 2014 hack on Sony Pictures.
But CrowdStrike is perhaps best known for investigating the Russian hack of Democratic National Committee computers during the 2016 US election. It has been at the center of false conspiracy theories since 2016, most notably after a White House transcript revealed former President Donald Trump mentioned Crowdstrike in his July 2016 call with Ukrainian President Volodymyr Zelensky that led to his first impeachment.
Currently, multiple airports are in chaos as flights are being canceled and airline workers on the ground have no way of remediating the situation. Our own Daniel Golson, currently stranded in Amsterdam on his way back from a product drive, says there is a three hour delay just speak to a Delta representative—and that’s for diamond members. American Airlines, Delta and United are all affected by the outage. Other businesses are down as well, such as banks in South Africa, the London Stock Exchange and doctors offices on the National Health Service in the UK.
George Kurtz, president and CEO of CrowdStrike, told NBC the outage won’t resolve all at once:
“It could be some time for some systems that just automatically won’t recover,” Kurtz told NBC’s “TODAY” show this morning.
Kurtz said the company was “deeply sorry for the impact that we’ve caused to customers, to travelers, to anyone affected by this,” adding the issue has been fixed on their end.
“Many of the customers are rebooting the system, and it’s coming up, and it’ll be operational because we fixed it on our end,” he said. “We’re just trying to sort out where the negative interaction was,” he said of the faulty update that affected Windows PCs.
Services to these customers is slowly coming back up, but service seems spotty.
This is a breaking story and we will update as more information comes forward.