Explainer: How CrowdStrike knocked the world offline

Computers around the world failed on Friday, crippling businesses and shutting down everything from airlines and television networks to emergency and hospital services.

Cybersecurity firm CrowdStrike (CRWD) said an error in one of its software updates for Microsoft’s (MSFT) Windows knocked systems offline.

The incident sent companies and government agencies across the globe into chaos, as they were unable to access the computer programs necessary for continued operations.

New York’s Memorial Sloan Kettering Cancer Center announced it was pausing the start of any new procedures that required anesthesia while airlines, including Delta (DAL) and American Airlines (AAL), were forced to ground flights. The UK’s Sky News network couldn’t broadcast live news, bankers at JPMorgan couldn’t log into their systems, and 911 services in Alaska went offline.

The cascade of failures at such a wide array of organizations left some questioning how a single update could topple so many businesses and agencies in such a short amount of time.

The problem, however, is a direct result of the way our current internet infrastructure operates.

Travelers wait during an outage at Los Angeles International Airport on Friday, July 19, 2024, in Los Angeles. (AP Photo/Jason Dearen) (ASSOCIATED PRESS)

The web is powered by a handful of major players including Microsoft, Amazon (AMZN), and Google (GOOG, GOOGL). But beyond those are smaller but no less important companies that plug their software into those tech giants' platforms. CrowdStrike offers, among other things, cybersecurity programs for Windows that companies access via the cloud.

Because so many organizations rely on Windows — and because CrowdStrike has become such a mega player in the cybersecurity space — a massive number of key businesses, government organizations, and financial institutions use both companies' software platforms.

When CrowdStrike released an update for its software, companies using Windows systems began experiencing errors, leading to the outage.

“Updates happen an amazing amount of times each day,” explained Gregory Falco, assistant professor of mechanical and aerospace engineering and systems engineering at the Sibley School Program at Cornell University. “Most of them you don't notice. Some of them are annoying, when things get slower or you have to restart your computer.

“But then,” he added, “sometimes these updates do not play as expected.”

Cybersecurity is an integral part of any company that does business over the internet. Hackers are constantly looking for flaws in systems, and cybersecurity companies like CrowdStrike continuously release updates to address any potential cracks those hackers can slip through.

Companies, meanwhile, will apply updates as soon as possible to ensure their systems are as safe as possible from potential attacks. And because CrowdStrike’s update went out so quickly, every organization that uses its software was hit by the same error at once.

A digital board is down due to the global communications outage caused by CrowdStrike. (Photo by Selcuk Acar/Anadolu via Getty Images) (Anadolu via Getty Images)

Said Benjamin Lee, a professor of computer and information science at the University of Pennsylvania: “Any computer system that does not install the update will be at risk of attack with a known vulnerability. This is why so many businesses, financial firms, and other organizations have — at the exact same time — installed this CrowdStrike software update and suffered the consequences.”

It’s that combination of a small number of companies running the internet and businesses needing to keep their cybersecurity software updated at all times that pushed millions of computers to their breaking points on Friday.

CrowdStrike has released a fix for its software and is actively pushing it out to customers. But that doesn’t mean every company will get back online right away.

“Because of the way in which the update has been deployed, recovery options for affected machines are manual and thus limited,” explained Forrester principal analyst Andras Cser. “Administrators must attach a physical keyboard to each affected system, boot into Safe Mode, remove the compromised CrowdStrike update, and then reboot.”

In other words, it could be some time before the entire outage is fully resolved.

For now, IT administrators around the world will be working around the clock to get their systems back up and running. As for the average person, there’s nothing to do but sit back and wait. And unless internet companies dramatically change how they operate, something like this will inevitably happen again.

Email Daniel Howley at dhowley@yahoofinance.com. Follow him on Twitter at @DanielHowley.
