Jump directly to the content

HACKERS could shut down systems across the world with an attack that replicates today's global IT outage.

That's the warning from cybersecurity experts who say "we must learn" from today's worldwide computer bungle.

Travelers walk past a monitor displaying a blue error screen, also known as the “Blue Screen of Death” inside Newark International Airport
2
Travelers walk past a monitor displaying a blue error screen, also known as the “Blue Screen of Death” inside Newark International AirportCredit: Reuters

Computers booting up on Friday, July 19 were faced with a "Blue Screen of Death".

It's impacted airlines, broadcasters, supermarkets, banks, and more around the world – and a rogue update has been blamed.

The outage has been linked to CrowdStrike, which provides security tech for businesses.

And experts have told The U.S. Sun how hackers could exploit a similar trick to cause mass IT chaos.

"This is similar to a supply chain attack," said Martin Jartelius, Chief Security Officer at Outpost24.

"If an attacker had backdoored such an update to open systems to attacks or to encrypt them, the exact same systems would have been impacted.

"This is why supply chain attacks and defence has been increasingly important."

The update affected Windows machines around the world, preventing PCs from booting up and even turning servers off.

Airlines ground planes over ‘comms outage’ and flights forced to stay in air from global cyber outage

This has had knock-on effects on systems around the world.

The outage first showed up in Australia as the country woke up to the faulty update.

"This incident serves as a crucial reminder of the importance of the robustness of our security and availability, which hinge on the reliability of our service providers," Martin said.

In the UK, Sky News went off air completely – and summer flights were delayed.

We woke up to see IT issues essentially spreading across the globe, almost in the same way as COVID-19

Adam PiltonSecurity expert

CROWDSTRIKE BLAMED – CEO'S FULL REPLY

Here's an official statement from CrowdStrike CEO George Kurtz...

“Today was not a security or cyber incident.

“Our customers remain fully protected.

“We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption.

“We are working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on.

“As noted earlier, the issue has been identified and a fix has been deployed.

“There was an issue with a Falcon content update for Windows Hosts. For the latest information that we will continuously update, please refer to the CrowdStrike website, my posts on LinkedIn, and my posts on X.

“ will continue to provide updates to our community and the industry as they become available.”

US airlines also experienced communications issues as a result of the outage.

Security expert Adam Pilton told us that the bungled update is like a virus spreading across the world.

"This morning, we woke up to see IT issues essentially spreading across the globe, almost in the same way as COVID-19," Adam said.

He said there's "no reason to be fearful" because it's just an update this time – but that might not be the case next time.

People wait at Los Angeles International Airport (LAX) amid a global IT outage, in Los Angeles, California
2
People wait at Los Angeles International Airport (LAX) amid a global IT outage, in Los Angeles, CaliforniaCredit: Reuters

"We must learn from this," Adam said.

"Now today's issue appears to be a technical issue coming from poor practice and ultimately an erroneous update.

"But we must also consider if a cyber-criminal had taken down CrowdStrike or any other large player within the supply chain, what would the consequences be? Today's event has demonstrated this."

And speaking to The U.S. Sun, Jano Bermudes, partner at security firm CyXcel, added: "Ransomware groups and malicious actors will be looking on in envy at the disruption caused this morning."

What is CrowdStrike?

THE global cyber outage affecting TV channels, banks, hospitals, airports and emergency services appears to relate to an issue at cybersecurity firm CrowdStrike.


IT security firm CrowdStrike ran a recorded phone message on Friday - saying it was aware of reports of crashes on Microsoft's Windows operating system relating to its Falcon sensor.

A prerecorded message said: "Thanks for contacting CrowdStrike support. CrowdStrike is aware of reports of crashes on Windows... related to the Falcon sensor."

The Falcon system monitors the computers it is installed on and detects hacks and bugs before responding to them.

CrowdStrike, headquartered in Austin, Texas, says it is a global security leader which provides an advanced platform to protect data.

A CrowdStrike update on Friday is said to have caused a critical error in Microsoft operating systems, affecting millions worldwide.

The company regularly updates systems with new anti-virus software

Toby Murray, associate professor in the School of Computing and Information Systems at The University of Melbourne, Australia said: "If Falcon is suffering a malfunction then it could be causing a widespread outage for two reasons .

"One: Falcon is widely deployed on many computers, and two: because of Falcon's privileged nature.

"Falcon is a bit like anti-virus software: it is regularly updated with information about the latest online threats.

"It is possible that today's outage may have been caused by a buggy update to Falcon.".

Cyber expert Troy Hunt told Australian TV network Seven: “It looks like they've pushed a bad update, which is presently nuking every machine that takes it.”

CrowdStrike has admitted responsibility for the mass outage.

In a post to X, formerly Twitter, CEO George Kurtz said: "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts."

He added that a fix has been deployed to prevent more computers going offline.

In a statement sent to The U.S. Sun, CrowdStrike said: "This is not a security incident or cyberattack.

Our team is fully mobilized to ensure the security and stability of CrowdStrike customers

CrowdStrike

"The issue has been identified, isolated and a fix has been deployed.

"We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.

"We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels.

"Our team is fully mobilized to ensure the security and stability of CrowdStrike customers."

READ MORE SUN STORIES

IT OUTAGE SCAMMERS – BEWARE!

Beware the scammers, warns Sean Keach, The Sun's Head of Technology and Science.

This is going to cause a flurry of dangerous online scams.

Whenever major tech events happen like this, the criminals come crawling out of the woodwork to take advantage of innocent internet users.

You might find yourself receiving strange calls, texts, or emails, warning you about a hack and asking for info.

So be extremely cautious if you’re being asked for personal data, like your credit card info or phone number, to fix this IT outage.

You might also be told you need to download some security software urgently.

That’s another classic scam that lets crooks install dangerous malware on your machines.

Don’t fall for it: your computer should be totally fine, so you don’t need to take any action as a regular person.

This wasn’t a cyberattack – it’s just a bad computer update for businesses. Don’t listen to the scammers.

A Microsoft spokesperson told The U.S. Sun. “Earlier today, a CrowdStrike update was responsible for bringing down a number of IT systems globally.

"We are actively supporting customers to assist in their recovery.”

Topics