HYDERABAD: Billions of computers running crucial services like hospitals, airlines, banks, stock markets, and other IT services in India around the world have crashed after a botched update of a widely-used cybersecurity programme took down computers running on Microsoft’s Windows. Computers running Apple’s IoS and Linux were not affected.
Disruptions began around 11.30 am IST, with Microsoft users worldwide reporting widespread outages. Though the technology company said it was fixing an issue affecting access to Microsoft 365 apps and services, the cause, exact nature and scale of the outage remained unclear initially.
Later, American cybersecurity company CrowdStrike acknowledged that the global outage was caused by a faulty patch that it had introduced for Microsoft users.
In an alert to its clients at 1 pm IST, CrowdStrike said its "Falcon Sensor" software was causing Microsoft Windows to crash and display a blue screen and shared a manual workaround to rectify the issue.
The manual solution that involved deleting the faulty patch from every Windows-run computer in the safe mode before restarting it required a large number of technical persons and their shortage led to massive delays in services around the world.
“This is unprecedented. The economic impact is going to be huge,” Alan Woodward, professor of cybersecurity at Surrey University, said.
It led to cancellation of thousands of flights around the world, including in India. Some countries, excluding India, reported healthcare and banking services getting halted.
According to cyber security experts, Friday’s outage is the biggest that the world has even seen. Other disruptions triggered by Amazon cloud service in 2017 and Fastly in 2021 pale in comparison to Friday’s outage.
The outage affected most of the western world, Asia and Australia, where 70 per cent of computers run on Microsoft Windows or use Microsoft cloud services.
CrowdStrike CEO George Kurtz posted on social media platform X that, “This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.” However, it inflicted greater damages than a terrorist attack on the world.
CrowdStrike, which was founded by former executives of antivirus major McAfee Inc. in 2012, offers a relatively new type of cybersecurity solution which is considered among the best defences against ransomware and other hacking threats.
Unlike traditional antivirus software that acts when malware begins its attack, CrowdStrike’s ultralight falcon programme constantly monitors computer logs to find out any signs of malware activity. If it finds any malware, it resolves the issue within five minutes.
This access to the core of the system gives the software the ability to disrupt the very systems they are trying to protect as happened during Friday’s outage.
The disruption was first flagged in India by the Chennai airport, where regular passenger-centric activities were affected. It was soon followed by IndiGo, SpiceJet and Akasa reporting disruptions in their online check-in and boarding processes across their networks, forcing them to switch to manual mode.
Indian banks and payments systems, which run on their own software, were unaffected by the Microsoft outage. “We are all fine,” SBI chairman Dinesh Kumar Khara said. National Payments Corporation of India (NPCI), which runs UPI transactions and Rupay cards, remained unaffected. Similarly, computers run by Linux or Mac operating systems were not affected by the global outage.
Friday’s outage exposed inherent vulnerabilities of depending on a single service provider.
"This is a very, very uncomfortable illustration of the fragility of the world’s core Internet infrastructure," said Ciaran Martin, professor at Oxford University's Blavatnik School of Government and former head of the UK National Cyber Security Centre.
The consensus opinion among cybersecurity experts is that the future post-outage will not be the same. If one mistake by a company could affect billions of people, they say, it warrants the intervention of policy makers to ensure that people, businesses and governments are not held hostage to any one organisation.
