While both firms continue to support impacted customers, Microsoft Corp. has disclosed that just an estimated 8.5 million Windows systems were impacted by a CrowdStrike Holdings Inc. upgrade that caused extensive global outages on Friday.
A fix for CrowdStrike’s Falcon security software prompted a global outage on Friday that knocked offline government, banking, and airline systems, along with a Windows “blue screen of death.” The issue, which appeared to be incompetence more than a cybersecurity compromise, had consequences that persisted through Sunday and might last into the coming week, despite the fact that delays and system problems persisted.
A content update that included malware signatures was distributed to CrowdStrike Falcon endpoint protection service customers on July 19, 2024. This caused downtime since the afflicted Windows computers began displaying a Blue Screen of Death (BSOD) message.
A number of companies in Asia-Pacific were impacted, including Airports of Thailand, PhonePe and Tata Starbucks in India, AirAsia in Malaysia, and Coles and Woolworths in Australia.
Microsoft stated, “We recognize the disruption this issue has caused for businesses and in many people’s daily routines.” “Our goal is to safely restore damaged systems back online by offering our customers technical expertise and support.”
In order to inform continued discussions with CrowdStrike and clients, it is also working with other cloud providers, such as Google Cloud and Amazon Web Services, to spread awareness about the level of impact they are experiencing throughout the sector.
A substantial portion of the roughly 8.5 million Windows devices that were affected are back online and functioning, according to a statement released by CrowdStrike earlier today on X.
Additionally, CrowdStrike has been collaborating with clients to develop a novel approach that expedites the cleanup of affected systems, and the company is currently operationalizing an opt-in to this method. “We’re getting better every minute,” it continued.
Regarding the impacted PCs, Weston stated that while major events like the CrowdStrike outage are “rare,” software updates do occasionally create disruptions. He added that even if the attack affected less than 1% of Windows PCs, CrowdStrike’s widespread use in numerous vital services has a significant negative influence on the economy and society.
Weston went on, “This incident shows the interconnected nature of our broad ecosystem, which includes customers, software platforms, security vendors, and other software vendors in addition to global cloud providers.” “It also serves as a reminder of how critical it is that we all prioritize using the existing mechanisms for disaster recovery and safe deployment across the tech ecosystem.”
Several national cyber security agencies in the area have issued warnings about a rise in similar scams following the outage.
Australia’s National Cyber Security Coordinator, Michelle McGuinness, reported on July 20, 2024, that scammers were increasingly using recovery efforts as a means of evading detection.
“I implore Australian businesses and community members to exercise caution when systems are restored. Avoid interacting with shady websites, emails, texts, and phone calls, the woman advised.
The Cyber Security Agency in Singapore has also alerted consumers to an ongoing phishing campaign that targets CrowdStrike users. Threat actors are using the outage as a “lure theme” to send phishing emails purporting to be CrowdStrike assistance and to telephone clients and pose as CrowdStrike employees.