The Microsoft outage is being considered as the biggest IT breakdown in the history as the infamous ‘Blue Screen of Death’ (BSOD) disrupted multiple services and sectors across the world as a result of a software update.
It is learnt that an update by Falcon Sensor software designed by cybersecurity firm CrowdStrike to protect systems from cyberattacks led the Microsoft’s Windows operating system to crash worldwide. The subsequent disruption resulted in Microsoft’s Azure cloud services triggering a worldwide IT outage disrupting several businesses globally. The first glitches in the US were blamed on a failure of Azure and 365.
Why Home Computers were Not Roiled by the Breakdown
While CrowdStrike’s products are widely deployed in major organisations that need to protect themselves from cyberattacks, they are much less commonly used on home PCs, according to a report by Conversation.
This is because CrowdStrike’s products are tailored for large organisations in which CrowdStrike’s tools help them monitor their networks for signs of attack, and provide them with the information they need to respond to intrusions in a timely way.
For home users, built-in antivirus software or security products offered by companies such as Norton and McAfee are much more popular.
How Long to Actually Fix This?
The US Cybersecurity and Infrastructure Security Agency (CISA) has alerted the public that cybercriminals are exploiting the recent Microsoft outage to conduct phishing attacks and other forms of malicious activity.
“Threat actors continue to use the widespread IT outage for phishing and other malicious activity. CISA urges organisations to ensure they have robust cybersecurity measures to protect their users, assets, and data against this activity,” it said in a statement
Microsoft Chairman and CEO Satya Nadella announced that the company is actively working to restore global systems securely.
CISA has advised people to exercise caution by avoiding clicks on phishing emails or dubious links, as these could result in email compromises and other fraudulent schemes.
CrowdStrike has provided users with manual instructions on how to fix the problem on individual affected computers.
According to CNBC, CrowdStrike earlier assured users that their engineers are actively working to resolve the issue, stating there is no need to open additional support tickets. Users experiencing problems were advised to contact their system administrators. Later, George Kurtz, the CEO of Crowdstrike, shared an update about the situation via Twitter.
He wrote, “CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they’re communicating with CrowdStrike customers”.
Which Services Were Affected In India?
Flights: Check-in systems at airports across India, including Mumbai, Delhi, Bengaluru airports were affected leading to chaos on July 19. IndiGo, Akasa and SpiceJet airlines were particularly impacted by the IT outage. Several domestic flights were delayed as airlines used alternate methods like Excel to check-in and manage booking services. They also carried out manual check-ins to ensure minimal disruption to schedules. At the Bengaluru airport, 53 domestic flights were cancelled and over 55 delayed.
Stock Market: While the stock exchanges remained unaffected by the global outage linked to Microsoft’s technical issues, some trading platforms such as IIFL Securities, Angel One, and 5Paisa, flagged glitches. Traders at Edelweiss MF, Nuvama, and Motilal Oswal also faced tech outages.
Banks: According to the Reserve Bank of India (RBI), 10 banks and non-banking financial companies (NBFCs) were affected by the outage. Critical systems of most banks in India are not on cloud and very few use CrowdStrike.
Corporate: Since Microsoft Teams, Windows 365, OneDrive – all were down due to the tech outage, several Windows users across the globe and in India (especially those in IT services) thanked the Blue Screen of Death (BSOD) error, for causing their systems to glitch and granting them an “early weekend”.
Several Indian asset management companies, including SBI MF, ICICI Prudential MF, Aditya Birla Sun Life MF, Axis MF and Zerodha MF, remained insulated against the Microsoft outage.
Besides, global impact was seen on social media sites such as Instagram and eBay. Flights such as Delta, United and American Airlines in the US were grounded. Sky News experienced difficulties broadcasting live, and some supermarkets faced payment processing issues, leaving customers unable to complete purchases.
Can This Happen Again?
The outage has raised concerns among experts that many organisations are not well-prepared to implement contingency plans when a single point of failure such as an IT system, or a piece of software within it, goes down.
As per Reuters, there are also more digital disasters looming on the horizon, with perhaps the biggest global IT challenge since the Millennium Bug, the “2038 Problem”, just under 14 years away.
The Millennium Bug, or “Y2K” happened because early computers saved expensive memory space by only counting the last two digits of the year, meaning many systems were unable to distinguish between the year 1900 and 2000, leading to critical errors.
“I think it’s very important for organisations of all shapes and sizes to really look at their risk management and look at an all-hazards approach,” said Nigel Phair, a cybersecurity professor at Australia’s Monash University, as quoted by Reuters.