Massive global IT outage: what we know
PARIS, France (AFP) — Airlines, banks, TV channels and other businesses were disrupted worldwide on Friday following a major computer systems outage linked to an update on an antivirus program.
What do we know at this stage?
– What caused the outage? –
The outage was linked to a faulty update on Windows systems of an IT solution from the American cybersecurity group CrowdStrike.
“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. The issue has been identified, isolated and a fix has been deployed,” CEO George Kurtz said in a message on social media platform X.
The problem did not affect users of Mac and Linux systems.
The update bug was triggered on Thursday from 1900 GMT, according to a Microsoft publication, and many companies around the world began reporting malfunctions on Friday morning.
“There are a lot of systems that go live at night and have updates in the morning,” Carole Winquist, marketing director of IT security company GitGuardian, told AFP.
– What happened? –
The Crowdstrike security software is called Falcon Sensor and is similar to an antivirus.
Its update suddenly prevented the computers from starting up.
“Imagine you have a little bracelet that protects you from mosquitoes, and all of a sudden this anti-mosquito bracelet starts sending electric shocks through your wrist,” Kayssar Daher, a cybersecurity expert at GitGuardian, told AFP.
“You can’t walk, you can’t move, you’re totally paralysed. That’s exactly the situation in which systems equipped with CrowdStrike have found themselves”, he said.
For Alexander Liskin, from the cybersecurity company Kaspersky, the group ignored “all the processes required to manage the risks of their software”.
A company that sells security software must always “test the quality of its updates before deploying them” to avoid finding itself in this situation, noted the expert.
CrowdStrike’s shares were down by nearly 17 percent at around 1000 GMT on Friday in electronic trading before the opening of the New York Stock Exchange.
– Who was affected? –
The outage impacted the airline industry worldwide.
Major US airlines, such as Delta, United and American Airlines, grounded their planes due to “communications issues”.
Air France said it was facing IT-related disruption on several of its services, but not at the Charles de Gaulle and Orly airports serving the Olympics host city Paris.
Britain’s largest rail operator also announced it was affected, as did the London Stock Exchange, Australian and French media and the accreditation system for the Paris Olympics, which begin in a week.
“This is one of the rare occasions when security software has been found to be the cause of such a huge outage,” said Daher.
The scale of the phenomenon can be explained by the fact that “Windows is extremely widespread and so is CrowdStrike”, he added.
Microsoft is present “everywhere in companies that structure our lives”, Winquist added.
– When will things be back to normal? –
Fixing the bug is simple: “you have to go into the system and delete a file so that the system can restart”, said Daher.
However, all the experts interviewed agree that this is a manual process that needs to be carried out on each affected device.
“For large companies that have IT infrastructures with thousands and thousands of Windows computers, it will be very hard to restore”, said Liskin.
There could be “people stranded for several hours, even several days”, said Winquist.
However, some companies, such as American Airlines, announced as early as Friday that they were resuming operations.