Arguably the world’s most significant technology outage happened on June 19, 2024, when a poorly executed software update from cybersecurity firm CrowdStrike ended up crashing Microsoft Windows computers all over the world. Mac OS and Linux machines were unaffected. A significant indicator of Microsoft’s market domination and the vulnerabilities that the ubiquity of its Windows operating system exposes the world’s industries to, experts are calling the event “the largest IT outage in history.”
What happened?
CrowdStrike is a cybersecurity firm that secures an overwhelmingly large number of Windows systems connected to the cloud. An update to a CrowdStrike cloud-based security software called Falcon experienced a malfunction early on June 19, causing the outage. The Falcon tool is a software that identifies vulnerabilities through monitoring unusual behavior in cloud connected machines, to protect from malware.
The faulty update caused Windows machines using the Falcon tool to become inoperable, stuck in a boot loop and displaying the familiar yet ominous “blue screen of death” that most Windows users have seen at some point in their lives.
The banking, air travel and healthcare industries were the most significantly impacted, albeit outages impacted all industries using CrowdStrike cybersecurity solutions. Air travel in the United States was severely disrupted, with thousands of flights cancelled or delayed.
What is CrowdStrike?
CrowdStrike is an American technology company headquartered in Austin, Texas. The company was founded in 2011 and employs nearly 8,000 people. Some of the world’s largest technology companies are among the cybersecurity firm’s 29,000 global clients. The company was included in the S&P 500 index in May 2024.
The firm has built up its reputation, and a $70 billion market capitalization, over the past decade by identifying malicious software, bots and ransomware.
Is my computer going to be affected?
No, unless you’re an enterprise level user that deploys CrowdStrike’s cloud-based cybersecurity solutions. Personal computers have been largely unaffected by the outage.
Microsoft’s Azure systems also suffered an outage on the same day, causing many to speculate that the two outages were connected. Reports indicate that the two malfunctions were caused by unrelated events.
What happens now?
Since this was not a cybersecurity breach, most systems affected by the faulty update outage can be restored to normal through a simple manual reboot and deleting the bad update file. However, with large firms having hundreds of thousands of computer systems, that process is exceptionally time consuming and could take days.
How bad is this?
The incident has exposed the fragility that underlies some of the most complex technology systems that power our modern civilization. The technology infrastructure that thousands of organizations and individuals rely on is developed and operated by a handful of technology companies, and a malfunction, outage or cybersecurity breach can ripple across the globe.
Market concentration and consolidation, a key focus of US President Joe Biden’s domestic economic policy through the Department of Justice’s Antitrust Division and the FTC, has only accelerated in the technology sector in recent years.
Microsoft’s Windows is the world’s foremost operating system, and CrowdStrike, despite being a relatively new firm in the cybersecurity space, has apparently become the go-to vendor for cybersecurity.