Global Outage: Microsoft and CrowdStrike Impact

CybersecurityHQ News Special Report

Welcome, reader, to your CybersecurityHQ report.

A significant global outage recently affected numerous sectors, including airlines, hospitals, and retailers, due to issues with widely used Microsoft systems. The disruption traces to two separate incidents: an outage in Microsoft’s cloud service, Azure, and a flawed update from CrowdStrike.

On Thursday, an Azure outage disrupted services for clients in the central United States, including airlines. Microsoft acknowledged the issue, which affected Microsoft 365 apps like Teams, and worked to restore services. The problem stemmed from Azure’s infrastructure, causing a ripple effect on dependent services.

The following day, a flawed CrowdStrike update caused problems for many Windows devices. The update impacted CrowdStrike’s Falcon Sensor software, which is critical for cybersecurity tasks, leading to widespread disruptions. CrowdStrike’s CEO, George Kurtz, stated that the defect in a single content update for Windows hosts was identified and isolated, with a fix deployed. However, the recovery process involves manually rebooting computers into safe mode, deleting specific files, and restarting normally—a cumbersome solution given the number of affected devices.

Security expert Lukasz Olejnik emphasized the challenges of this manual fix, noting that automating the process at scale is not feasible. The incident underscores the difficulty of addressing such outages swiftly, especially for organizations lacking well-staffed IT teams. The critical nature of the Falcon Sensor software, which requires full system privileges to detect malicious activities, exacerbates the consequences of such a flawed update.

The possibility of a connection between the Azure outage and the CrowdStrike update was suggested by cybersecurity consultant Thomas Parenty. If related, the issue could stem from CrowdStrike’s update affecting systems that facilitate Azure connections. This potential link highlights the interdependence and fragility of modern technology infrastructures.

Ciaran Martin, former Head of Britain’s National Cyber Security Centre, pointed out the fragility of the global internet infrastructure, as evidenced by the outage's widespread impact. He also criticized the lack of accountability for software companies, suggesting that without economic and legal repercussions, there is little incentive for these companies to implement more robust changes to prevent such incidents.

In summary, the recent global outages caused by issues with Microsoft Azure and a flawed CrowdStrike update highlight the vulnerability of interconnected technology systems and the significant challenges in addressing widespread disruptions. The incidents also raise questions about the accountability of software companies and the need for more stringent measures to ensure the reliability and security of critical digital infrastructure.

Stay Safe, Stay Secure.

The CybersecurityHQ Team