Large-Scale IT Outage Causing International Disruption

Uploaded on 2024-07-19 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

A major IT outage has disrupted businesses and institutions in multiple countries, throwing airlines, government services, TV channels, banks, supermarkets, telecoms and media outlets into chaos. Downdetector, a website which monitors outages, reported sudden spikes in problems with websites including Microsoft applications, banking websites and airline apps. 

Cybersecurity company CrowdStrike is reportedly linked to the IT outage affecting banks, airports, supermarkets and businesses across Australia and the world.

In an incident with an international impact, airports in the United Kingdom, France, Germany, Spain, Malaysia and the Philippines have reported disruptions to services. Airport check-in systems around the world have gone offline and businesses have reported the "blue screen of death" and IT outages.

  • The US state of Alaska has said its emergency services are affected  and many 911 and non-emergency call centres are not working properly.
  • Australia has had broadcast networks fail and supermarkets crippled and Sky News UK went completely off air. Australian airlines Virgin Australia and Jetstar have also had to delay or cancel flights. 
  • A number of US airlines Delta, United and American Airlines  have stopped flights around the world.United, Delta and American Airlines that are all based in the US, have issued a "global ground stop" on all of their flights. 
  • Social media users have reported queues at Australian stores with payment systems offline and trouble accessing financial institutions like the National Australia Bank.

The reason for the outage is not clear, but appears to be  linked to Microsoft PC operating systems. An official Microsoft 365 service update posted on  X / Twitter earlier today saying "we're investigating an issue impacting users ability to access various Microsoft 365 apps and services".

The problem appears to have been caused by a software update gone wrong. A newly released version of CrowdStrike’s security software reportedly caused Windows computers to crash and display a standard error blue screen that happens when the operating system cannot load correctly. 

This update’s impact has been particularly severe for enterprise customers, with some organizations reporting that thousands of devices, including critical production servers and SQL nodes, have been affected. 

Crowdstrike are advising affected users not to open individual support tickets and, as an indication of the potential reputational damage, the company's stock value fell by 20% in pre-market trading - a fall worth $16 billion. 

Ilkka Turunen, Field CTO at the software supply chain management Sonatype commented of what’s going on with the Crowdstrike outage. "The widespread outages across the world affecting Microsoft Windows are due to a botched update to a piece of software called Crowdstrike, a well-regarded malware and endpoint protection tool often used by enterprises and many companies across the world... In terms of technical details, the update causes a BSOD loop on any Windows machine essentially making it boot and crash on an infinite loop....

"Making it worse is the fact that there are a significant number of Windows machines that the update was auto-installed on overnight. There are workarounds that customers of theirs will apply, but it seems to be very manual."

"It’s definitely a supply chain style incident - what it shows is that one popular vendor botching an update can have a huge impact on its customers and how far a single well-orchestrated update can spread in a single night. It’s not yet clear if the contents were due to malicious reasons, but it shows how quickly targeted attacks on popular vendors could spread." Turunen said.

In other comment, Alan Stephenson-Brown, CEO of network solutions supplier Evolve said, "News of a global IT outage that has caused problems at airlines, media and banks is a timely reminder that operational resilience should be at the forefront of the business agenda...

Demonstrating that even large corporations aren't immune to IT troubles, this outage highlights the importance of having distributed data centres and rerouting connectivity that ensures business can continue functioning when cloud infrastructure is disrupted. By prioritising both contingency planning and preventative measures, IT systems can be protected.

The impact of this incident is hard to exaggerate and business leaders should carefully consider  the systems they have in place to identify potential vulnerabilities before they find themselves the subject of the next IT outages headline. 

Downdetector   |   Crowstrike   |   BBC   |   AlJazeera   |   The Conversation   |   ABC   |   Euronews   |   Telegraph

Image: structuresxx

You Might Also Read: 

Securing The Supply Chain:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Are Any Of Your Suppliers A Security Risk Waiting To Happen?
Defending Against Business Email Compromise »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

AEI Cybersecurity

AEI Cybersecurity

AEI brings together companies, Research Centres, Universities, and other organizations interested in promoting new cybersecurity technologies.

National Information Technology Development Agency (NITDA) - Nigeria

National Information Technology Development Agency (NITDA) - Nigeria

The National Information Technology Development Agency (NITDA) is committed to implementing the Nigerian National Information Technology Policy.

SenseOn

SenseOn

SenseOn’s multiple threat-detection senses work together to detect malicious activity across an organisation’s entire digital estate, covering the gaps that single point solutions create.

Halcyon Knights

Halcyon Knights

Halcyon Knights is a specialist executive search and IT recruitment agency in the APAC region. Areas of specialisation include cybersecurity.

Heidrick & Struggles International

Heidrick & Struggles International

Heidrick & Struggles is a premier provider of leadership consulting and senior-level executive search services for roles including Information & Technology Officers and Cybersecurity.

eXate

eXate

eXate provides pioneering technology that empowers organisations to protect, control and manage their sensitive data centrally, providing a complete data privacy solution.

Action1

Action1

Action1 is a Cloud-based lightweight endpoint security platform that discovers all of your endpoints in seconds and allows you to retrieve live security information from the entire network.

riskmethods

riskmethods

riskmethods helps you proactively identify, assess and mitigate supply chain risk. You need to master supply chain risk management—we can help.

Moss Adams

Moss Adams

Moss Adams is a fully integrated professional services firm dedicated to assisting clients with growing, managing, and protecting prosperity.

InterSec Inc.

InterSec Inc.

InterSec Inc. is a cybersecurity company that offers a variety of services to small and medium-sized businesses including CMMC Compliance, Program Management, Governance, & Cybersecurity.

Sidcon International Consulting Company

Sidcon International Consulting Company

SIDCON International Consulting Company has been providing consulting services since 2002 for private and public organizations in Ukraine and other countries.

Domotz

Domotz

Domotz enables IT teams to monitor and manage their networks remotely, while ensuring that the security and the operational efficiency of their organizations are properly maintained.

SyberFort

SyberFort

SyberFort offers a suite of SAAS-based platforms designed to fortify your digital defenses including Threat Intelligence and Brand Protection.

Theori

Theori

Theori tackles the most difficult cybersecurity challenges from an attacker’s perspective and conquers them as the best strategic security experts.

Skillfield

Skillfield

Skillfield is a Melbourne based Cyber Security and Data Services consultancy and professional services company.

Staris

Staris

Human based defense is dead. Staris is reinventing application security for an increasingly AI driven world.