What’s behind the Microsoft outage? Experts reveal the truth behind the blackout as major banks, businesses, and news channels are all struck – and say we can’t rule out a cyberattack.
Experts believe the issue could have been caused by a ‘buggy’ security update.
Microsoft is scrambling to fix the ‘massive cyber event’ that caused computer meltdowns around the world on Friday.
Described as the ‘most serious IT outage the world has ever seen’, the outage has hit supermarkets, banks, telcos, streaming services and PCs.
Brits woke up to find Microsoft software and hardware affected, with airports, railways and GP surgeries also among those reporting problems.
It’s all due to a ‘buggy’ security update to Falcon, a type of antivirus software that protects Microsoft Windows devices from cyberattacks.
CrowdStrike – the company behind Falcon – is ‘actively working with customers’ who are affected, but insists it is ‘not a security incident or cyberattack’.
WHAT HAPPENED?
On Friday, computers around the world started repeatedly crashing and displaying the ‘blue screen of death’.
While Australia was the first to feel the brunt of the outage, the US, UK and Europe are experiencing the chaos too, with Sky News and CBBC unable to broadcast live in the morning.
Departure boards at Gatwick and Edinburgh airports suddenly turned off, while NHS staff have described logging on to find non-clinical systems are down, meaning patients can’t book appointments.
Manchester United and Blackburn Rovers football clubs even tweeted to say their online ticketing systems are experiencing disruption, the latter describing it as ‘out of our control’.
US IT provider CrowdStrike admitted it was due to a defect in the ‘content update’ for its Falcon anti-virus software which crashed Microsoft Windows devices.
CrowdStrike has said a ‘fix has been deployed’ for the issue – but this could take days to manifest, so problems with Windows computers could be ongoing.
‘The near global outage appears to have been caused by a failure of systems associated with the CrowdStrike Falcon endpoint security monitoring software,’ explained Dr Mark Gregory, associate professor at RMIT University’s School of Engineering.
‘CrowdStrike is a global multi-national software solutions provider.
‘Many businesses and organisations have found that their software systems have failed due to the software system outage.
‘The reliance on centrally managed global software solutions can lead to significant security risks.’
IS IT A CYBERATTACK?
Jake Moore, tech expert and security advisor at ESET, agreed it was likely a ‘technical fault’ from CrowdStrike, but said we can’t rule out a cyberattack behind the scenes.
‘At this moment it is more likely to be a huge technical fault but the fact it is possible is extremely worrying,’ Moore told MailOnline.
‘If anything, it would make threat actors take note of this particular outage and the potential damage it can cause.’
Professor Jill Slay, chair in cybersecurity at the University of South Australia, said at this stage it is ‘too early to draw conclusions’, but that an attack is not impossible.
‘While the outage may easily be a result of misconfiguration by one of these companies, or “interference” between products, the global impact is enormous,’ she said.
‘It is possible that there is a security breach, but to me, this is instinctively unlikely.’
Cyber expert Troy Hunt told Seven News the catastrophic crisis was not affecting all Microsoft Windows computers, but many of them.
Mr Hunt said CrowdStrike creates anti-virus products that regularly update with new definitions of viruses.
‘They run in a very privileged space on the PC, which means they have a lot of control,’ he said.
‘It looks like they’ve pushed a bad update, which is presently nuking every machine that takes it.
‘It could be quite some time to get those machines back on time.’
Toby Murray, associate professor at the University of Melbourne’s School of Computing, agreed that CrowdStrike Falcon is a ‘pretty privileged piece of software’.
‘It is able to influence how the computers it is installed on behave,’ Professor Murray said.
‘If Falcon is suffering a malfunction then it could be causing a widespread outage for two reasons – one, Falcon is widely deployed on many computers, and two, because of Falcon’s privileged nature.’
WHAT IS CROWDSTRIKE?
The rogue app that brought down computers across the world is ironically aimed at protecting PCs from hackers.
CrowdStrike is a security service designed to stop internet breaches for the globe’s biggest companies, but is now responsible for perhaps the biggest IT outage we have ever seen.
Computer analysts believe a badly-written bit of code in the update triggered the catastrophe and wrecked computer networks worldwide.
CrowdStrike has confirmed a faulty update was responsible for sparking the chaos.
It said in a statement: ‘CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts.
‘Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.
‘We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.
‘We further recommend organisations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilised to ensure the security and stability of CrowdStrike customers.’
Microsoft 365 said: ‘Our services are still seeing continuous improvements while we continue to take mitigation actions.
‘We still expect that users will continue to see gradual relief as we continue to mitigate the issue.’
WHAT ARE THE WIDER IMPLICATIONS?
The episode highlights how ‘dependent on technology’ society now is.
‘Society is dependent upon technology and this is why we must have both technical and non-technical controls in place to protect us when issues arise, whether malicious or not,’ said Adam Pilton, senior cybersecurity consultant at CyberSmart.
‘Social media is ablaze with users reporting that they are unable to work and one user on Reddit even stated they were commenting purely to be part of history on The day that CrowdStrike took out the internet!’
‘This is very much the point of why all businesses must plan and prepare. As we are seeing, a huge dependency on individual suppliers can take down supply chains.’
Mark Lloyd, business unit manager at IT support firm Axians UK, called the outage a ‘stark reminder’ of how dependent the world is on cloud services.
‘From productivity tools to critical infrastructure, a large chunk of technology runs on cloud platforms,’ Lloyd said.
‘This outage showcases the immense power and reach these services hold.
‘Even the biggest tech giants are not immune to disruptions, and the need for robust redundancy and disaster recovery plans across the board are more critical than ever in this day and age.’
What to do during an online banking and app outage
Consumer rights advocate Which? has compiled the steps to follow when you can’t access your online banking service or app.
Such an issue usually results from an IT glitch or a maintenance update.
– If you’re experiencing online banking or mobile app problems today, see if you can contact your bank to get things resolved.
– If you can, go to your local bank branch – especially if you urgently need to access your money.
– If you don’t have a local bank branch nearby or transport to get to it, try and call your bank and ask for its guidance on what to do.
– If the bank’s phone services are also down or phone lines are busy, try contacting your bank on social media to ask what to do – but don’t ever share your account details over social media.
– If for any reason you suffered a financial loss because you weren’t able to access your funds, you may be entitled to compensation.