Angry Bear | July 20, 2024 7:00 am



Angry Bear (I) found this in my in box this Friday morning. Not much of a scoop now as the world knows about the issue. Let’s talk about why this tech outage occurred.

There does not appear to be a backup for failure of systems when one of significance fails. This baffles me as we always had a backup system in the past even if it was a manual lookup and a paper transaction. It appears we are too dependent on one layer of information and have relegated the security and accuracy of it to an outside company.

CrowdStrike suffers an error in programing and companies dependent upon their system lose the ability to conduct business. The company’s customers can not transact business. It appears we have been too dependent on a system which may be infallible 99% of the time. But there is always the “what-it” issue one must prepare for JIC.

In 1964, the movie “Fail Safe” was released. The plot? “A series of computer errors leading to human errors results in a squadron of American ‘Vindicators’ (B-58 bombers) to nuke Russia.” Off course commercial air liner is misidentified and results in the launch of one group of bombers who can not be recalled. Actually, two failures in the system. Moscow is bombed as well as NYC.

No backups in the companies served and no backup at CrowdStrike. Two failures and everyone else pasy for those failures.

Massive Global Tech Outage Grounding flights, Disrupting Banks and More . . .

by William Galvin

CrowdStrike, a widely-used cybersecurity firm, bungled a software update — plunging airports and businesses into chaos

On Thursday night, Austin, Texas-based CrowdStrike issued a regular software update to its Falcon Sensor software, which is designed to protect against malware and “much more.” The company says its system uses next-generation antivirus, endpoint detection and response, cyber threat intelligence, managed threat hunting capabilities, and security hygiene to protect customers.

In other words, it’s usually very good and relies on a lot advanced technology. But this time, a defect in the planned update impacted Microsoft’s Windows operating systems. Crowdstrike CEO George Kurtz wrote Friday morning on X.

“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. This is not a security incident or cyberattack.”

AB: In other words we screwed up and here is no back up till we fix the defect. Read on . . .

What Happened

Separately, Microsoft said a configuration change affected its Azure cloud service, which caused an interruption affecting its Microsoft 365 products. Clients across the U.S. were affected by the outage, which left businesses unable to access Microsoft 365 services like Office and Teams.

Microsoft has also been affected by the CrowdStrike issues, which left users across the world grappling with the “Blue Screen of Death,” posting pictures of their frozen screens online as they were left unable to access corporate laptops and computers.

Troy Hunt, a security consultant and creator of “Have I Been Pwned?,” wrote on X.

“I don’t think it’s too early to call it: this will be the largest IT outage in history.”

CrowdStrike is what?

CrowdStrike is a widely used cybersecurity software provider. Its software detects and prevents hackers from accessing files on Microsoft computers. The Texas-based cybersecurity giant is used by government agencies and Fortune 500 companies.

Who Uses CrowdStrike?

More than half of Fortune 500 companies use CrowdStrike’s software, according to a promotional video from the firm earlier this year. As of March, at the end of the company’s fiscal year 2024, CrowdStrike had more than 29,000 subscription customers, excluding smaller customers served through its partners. It’s unclear exactly how many have been affected.

The outages have impacted more than 30,000 flights, according to FlightAware. In a statement the Federal Aviation Administration stated several airlines have requested assistance with ground stops. Delta Air Lines and United Airlines have resumed some flights. American Airlines has fully restored operations.

How serious?

– The issues spread to the London Stock Exchange, banks, McDonald’s stores, and even U.K. public broadcaster Sky News.

– Downdetector, an online service that tracks user-reported outages at major companies, has recorded growing outages at firms like Starbucks, Ticketmaster, BetMGM, and United Parcel Service.

– Royal Surrey Hospital in Guildford, England, declared a “critical incident” because of external issues that are affecting its systems, including one used to deliver radiotherapy treatments.

– Boston’s Mass General Brigham has canceled “all previously scheduled non-urgent surgeries, procedures, and medical visits.

– New York’s Memorial Sloan Kettering Cancer Center paused all procedures that require anesthesia.

– Health centers in Germany and Israel have also been affected.

– Global Payroll Association has said that clients are unable to access their software due to the outages, according to Finextra.

– Visa, Zelle, TD Bank, JPMorgan Chase Bank, and Bank of America have had issues Friday, according to DownDetector.

– Etc.

AB: I guess there is no backup?