Microsoft confirmed that a major outage disabled 8.5 million Windows PCs. This marks one of the most significant cyber attacks in history.
On Thursday, 18th July 2024, numerous devices experienced a glitch caused by a corrupt update by CrowdStrike. The incident caused worldwide havoc for Windows users from Thursday into Friday, 19th July.
In a statement on Sunday, David Weston, Microsoft’s VP, said, “We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices, or less than one percent of all Windows machines.”
Although the number of affected devices was less than 1% of all Windows devices worldwide, the economic and societal impact is huge. This is largely because CrowdStrike’s customers are enterprise customers. However, Microsoft insists that its software is not the problem but shows its commitment to ensuring recovery.
The tech giant company highlighted the need for proper quality control on software updates as the ecosystem grows. “This event serves as a reminder of the critical need for safe deployment and disaster recovery mechanisms across the tech ecosystem,” Weston remarked.
The global outage had larger impact than the WannaCry attack of 2017, which affected 300,000 devices, and other major incidents like NotPetya and Meta’s 6 hour outage in 2021.
Impact of Microsoft Windows Disruption Across Europe
In Austria, a leading doctors' organisation noted that the outage exposed the vulnerability of health systems dependent on digital infrastructure. The incident raised concerns on the need for stronger backup systems to maintain healthcare services during such disruptions.
In Germany, the government's IT security agency, BSI, reported that numerous companies are still grappling with the fallout. "Many business processes and procedures have been disturbed by the breakdown of computer systems," BSI stated on its website. The agency also issued warnings about potential scams exploiting the situation.
European airports were not spared from the chaos. In Berlin, the IT outage led to the cancellation of 150 out of 552 scheduled flights, disrupting the travel plans of thousands of passengers at the start of the summer vacation season. Airlines were forced to cancel about 20% of their flights, mainly domestic routes, and passengers were advised to take trains instead.
Cyber Attacks on the Rise
Cyber experts have seen a surge in opportunistic hacking attempts since the outage. There has been a big increase in CrowdStrike-themed domain registrations that trick IT managers and the public into downloading malware or disclosing private info.
The former head of cyber at the UK’s intelligence and security organisation, GCHQ, emphasised that the global outage showed individuals' reliance on systems.
"It does emphasise that we live in a world of dependency and vulnerability and that disruption can and will happen and IT is at the core of our day to day operations, our businesses, our economies, everything about our lives. So this will happen and will continue to happen," Sally Walker stated.
However, the former head of Britain’s National Cyber Security Centre, Ciaran Martin, was not surprised by the global disruption. “We’ve talked for a long time in the industry about the inherent fragility of foundational parts of the internet, these little bits of activity and infrastructure that underpin the whole thing and if they go wrong, they can have really serious global consequences,” he said.
UK and Australian cyber agencies continue to warn individuals to lookout for fake emails, calls, and websites and prevent phishing cyberattacks as the risks continue to increase.
CrowdStrike’s CEO, George Kurtz, has since apologised for the havoc and is actively taking measures to assist affected customers.