Organizations around the world have been affected by a global computer problem that has caused failures in multiple services. The outage has affected private companies, such as banks, airlines and media outlets. It has also affected public institutions, health systems and transport operators, such as Aena, which has reported the cancellation of a hundred flights due to the impact of the incident.
The origin of the chaos is a faulty update to CrowdStrike’s Falcon system, which in turn caused a critical bug in Windows and Azure, Microsoft’s cloud computing system. CrowdStrike is a cybersecurity company that protects computer networks from attacks, using artificial intelligence and cloud technology. It specializes in real-time threat detection and prevention services. Its agreements with Azure, the world’s second-largest cloud services operator, mean that its software is deeply integrated into the global network.
“We have been made aware of an issue affecting Windows virtual machines running CrowdStrike Falcon, which may encounter a bug check and become stuck in a reboot state,” Azure said after several hours of confusion. “We are aware of this issue and are currently investigating potential options Azure customers can take to mitigate this issue,” the Microsoft company added.
CrowdStrike has acknowledged the flaw and denies that the problems are due to a cyberattack. “CrowdStrike is actively working with customers affected by a flaw found in a single content update for Windows. Mac and Linux hosts are not affected. This is not a security incident or a cyberattack,” said George Kurtz, president of the firm. “The issue has been identified, isolated, and a fix has been implemented.”
Multiple incidents
In Spain, health services in several autonomous communities have informed their professionals that their computer systems are also experiencing problems, although no interruptions in their services have been reported. Aena, for its part, has reported that its systems have begun to return to normal around 10.20 am after its operations, such as checking in luggage or boarding procedures, had to be carried out from early in the morning using manual systems.
In the early hours of the morning, travellers who were about to take flights at Adolfo Suárez Madrid-Barajas airport were confronted with images like the one published by cybersecurity expert Runa Sandvik. The airport’s information screens had lost connection and were displaying an error message from Microsoft. The same problem has occurred at financial institutions, with their international operations screens displaying the message “No signal”, according to elDiario.es.
The Bizum payment platform has also reported that it has been affected by the incident, but at around 11:00 a.m. it reported that its service has returned to normal.
In the UK, the London Stock Exchange has also reported disruptions to its operations, while the Sky television channel was unable to broadcast this morning. Several airlines, such as Ryanair, have urged passengers to arrive at airports three hours earlier due to computer problems. The airports of Brisbane (Australia), Edinburgh (Scotland) or Berlin-Brandenburg (Germany) and the companies Lufthansa, Air France-KLM or Turkish Airlines have also reported delays and cancellations.
In the United States, the crash of the Delta Air Lines, American Airlines and United Airlines systems has led to a series of cancellations and delays throughout the country that have caused a ‘domino effect’ for the entire planet. At the moment there are no figures on how many flights have been cancelled due to this computer failure. Some users have shared, through their social networks, how the airlines They filled out their boarding passes with pen and paper. given the impossibility of doing so electronically.
The chain of events has not affected the Internet or telecommunications, according to an analysis by NetBlocks, an organisation that monitors Internet outages in authoritarian states and documents disruptions in network connectivity globally. Its graphs show that the incidents in this regard have been minimal.
Error in chain
Although CrowdStrike has not officially acknowledged being the cause of the global computer outage, multiple specialists around the world and Azure itself have detected that the error is occurring in the interaction of computer systems with its security services. The company protects thousands of companies around the world. If a faulty update is released, it could be automatically installed on all devices protected by CrowdStrike almost immediately, since it has the highest priority.
If the update contains bugs, it could cause protected devices to crash, malfunction, or even stop working altogether, impacting your customers’ day-to-day operations. However, removing it or disabling CrowdStrike’s software could be a risky move, as corporate networks would be vulnerable to cyberattacks.
It is currently unknown whether Microsoft is just another affected company or whether the CrowdStrike update failure has in turn caused Azure services to go down. Azure is the second largest cloud operator worldwide only behind AWS (Amazon), so a system crash could lead to operational downtime and data loss in companies around the world. This could create a chain effect, where partners and customers of these companies would also be affected.
Source: www.eldiario.es