A defective update from U.S. cybersecurity software company CrowdStrike crashed Microsoft Windows systems around the globe Friday. The tech outage disrupted operations across industries such as banks, hospitals and 911 call centers, plus grounded flights and hampered public transit systems and. Although a fix was deployed to restore most systems by the afternoon to return to normal, ripple effects may be felt throughout the weekend, experts warn.
CrowdStrike, which advertises being used by over half of Fortune 500 companies, said one of its recent content updates had a defect that impacted Microsoft’s Windows Operating System, adding the incident was “not a security incident or cyberattack.”
“Earlier today, a CrowdStrike update was responsible for bringing down a number of IT systems globally,” a Microsoft spokesperson said in a statement on Friday afternoon. “We are actively supporting customers to assist in their recovery.”
The company’s CEO, George Kurtz, apologized for the disruptions in a post on X, noting the issue has been identified and isolated and a fix has been deployed. CrowdStrike is “working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on.” Meanwhile, Microsoft said, “the underlying cause has been fixed” and impacted Microsoft 365 apps and services have been recovered, though the company continues to monitor the issue.
Kurtz went on to warn in his statement, “We know that adversaries and bad actors will try to exploit events like this. I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike representatives.”
In the U.S., thousands of flights were canceled Friday morning. American Airlines, Delta Air Lines and United Airlines were among those who grounded flights less than an hour after Microsoft said it resolved a cloud-services-related outage that impacted several low-cost carriers.
“Every line is long,” said Chance Ortego, 31, whose flight to New York was canceled Friday morning.
Public transit systems in the U.S. reported impacts. The Washington Metropolitan Area Transit Authority in Washington, D.C., said its “website and some of our internal systems are currently down,” but that trains and buses were running as scheduled. In New York City, the Metropolitan Transportation Authority also said its buses and trains were unaffected but that “some MTA customer information systems are temporarily offline due to a worldwide technical outage.” At 5:30 p.m., MTA posted on X, formerly Twitter, that arrival information for its trains and buses has been restored.
Around the world, the outages disrupted London’s Stock Exchange, caused major train delays in the U.K., sent British broadcaster Sky News off air, forced medical facilities in Europe and the U.S. to cancel some services and caused disruptions at airports in Europe, Singapore, Hong Kong and India.
Travel disruptions:Over 2,000 US flights canceled amid global IT outage
Developments:
◾ More than 5,000 flights were canceled globally as of 3:30 p.m. Eastern, about 4.6% of all scheduled commercial flights for the day, according to aviation analytics company Cirium.
◾ Some U.S. border crossings saw impacts amid the outage: Traffic stalled on the Ambassador Bridge, which connects Detroit with Windsor, Ontario, Canada, as well as at the Detroit-Windsor Tunnel, the Detroit Free Press reported. CBP One, the Customs and Border Patrol app, and the agency’s border wait times website, each appeared to experience outages.
◾ Krispy Kreme gave away free doughnuts Friday due to the global tech outage.
◾ Some Starbucks locations were reportedly taking only cash Friday, and customers reported being unable to use the coffee chain’s mobile app.
◾ Some had a sense of humor through it, with workers who had to muddle through expressing their wishes for a digital snow day from the office − “Knock Teams out” − as the outage didn’t equate to a work stoppage for all.
◾ Dubai International Airport said on X it was operating normally following “a global system outage that affected the check-in process for some airlines.” It added the affected airlines “promptly switched to an alternate system, allowing normal check-in operations to resume swiftly.”
CrowdStrike impact:How a global IT outage unraveled the world’s tech
How the CrowdStrike outage played out throughout the day:
Portland issues emergency declaration
Portland, Oregon, Mayor Ted Wheeler issued an emergency declaration Friday over the tech outage, with a statement noting the outages are affecting city servers, employee computers and emergency communications.
Meanwhile, the Maryland Department of Emergency Management increased its state activation level from “normal” to “partial,” citing the tech outage. A post on X says a “partial” activation is for incidents that require “significant monitoring or resources,” with additional emergency operations staffing from other agencies, functions and supporting organizations.
– Bailey Schulz
What is CrowdStrike?
CrowdStrike is a popular cybersecurity software company created in 2012 by CEO George Kurtz, along with Dmitri Alperovitch, and Gregg Marston.
According to its website, CrowdStrike has the “world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise.”
Alperovitch, CrowdStrike’s former Chief Technology Officer, is a member of the Biden administration’s Homeland Security Advisory Council, which is meant to provide advice and expertise to support decision-making “across the spectrum of homeland security operations.”
–Gabe Hauari, Bailey Schulz
What caused the CrowdStrike outage?
According to an alert sent by CrowdStrike to its clients and reviewed by Reuters, the company’s “Falcon Sensor” software caused Microsoft Windows to crash and display a blue screen, known informally as the “Blue Screen of Death.”
Kurtz said “there was an issue with a Falcon content update for Windows Hosts” but customers “remain fully protected,” according to a post on X. He also reiterated that Friday’s outage “was not a security or cyber incident.”
Anne Neuberger, deputy national security advisor for cyber and emerging technology, said she spoke to Kurtz Friday and confirmed the incident did not appear to be related to a cyber attack.
“At this point, we believe that it is an IT-related patch, an issue with that patch,” she said while speaking at the Aspen Security Forum in Colorado. “I think they’re determining what went wrong there.”
–Gabe Hauari, Bailey Schulz
‘I’m just hoping to make it onto a flight’
Chance Ortego had reached the finish line of a nearly two-week work trip when he saw the news all air travelers dread: his flight was delayed.
Ortego was in the AirTrain en route to his flight from San Francisco International Airport when he heard other travelers discussing the outage. After checking the status of his 7:05 a.m. Delta Air Lines flight to New York – which was pushed back nearly three hours – he rebooked another flight at 9:15 a.m.
He later learned his original flight had been canceled. Ortego was among the thousands of passengers around the world facing delays, cancellations and problems checking in as airports and airlines were caught up in a massive IT outage that grounded U.S. flights early Friday.
“I was already planning to sleep,” said Ortego, who works in health care. “Now I’m just hoping to make it onto a flight.”
Inside the airport, there was more chaos than a typical travel day as airlines recovered from the outage. Many screens were blank except for an error message and airport personnel made announcements directing questions about flights to airlines.
All U.S. airlines issued travel waivers for those affected to easily rebook their plans. Those who opted to cancel can rest easy knowing the Department of Transportation classified the cancellations and delays as controllable, thus airlines are responsible for upholding the commitments they’ve made to customers when it comes to policies like rebooking or hotel and meal vouchers as the mess gets sorted out.
– Nathan Diller
Impact on the economy
The outage isn’t expected to have any effect on the broader economy unless it persists for days.
“At this point, the IT outage is more a nuisance than an economic event,” says Mark Zandi, chief economist of Moody’s Analytics. “If it drags on into early next week, the economic damage will begin to mount.”
If the outage is limited to a day or two, canceled flights can be rebooked and banking transactions can be completed later.
“There is plenty of time for activity to be recovered over the remainder of the month,” says Jonathan Miller, senior U.S. economist at Barclays.
– Paul Davidson
Outage impacts US public transit websites, ticketing
Major cities were generally able to keep trains and busses running, but tech issues have been causing problems with ticketing and other tech systems, leading to delays in some cases.
The Washington, D.C., Metropolitan Area Transit Authority reported website and other tech issues, but said trains and buses were running as scheduled.
The Metropolitan Transportation Authority in New York City reported problems with “customer information systems” but said it’s buses and trains were unaffected. The Port Authority of New York and New Jersey said it was not affected but urged riders who might be using public transit to any area airports to check with their airlines before traveling for updates.
New Jersey Transit said some of its ticketing machines may have been impacted but its buses and trains were, for the most part, running on time. Some trains were out of operation Friday due to repairs that had to be made because of the intense heat that blanketed the region all week.
The Chicago Tribune reported Friday morning that commuter rail lines were affected, though it noted traffic is typically lighter on Fridays than other days. Delays on some lines were as long as 45 minutes, the Tribune reported. Chicago Transit bus and rail service was not affected but some CTA customers were unable to add value to their payment cards via the app or machines overnight, but the issue has been resolved.
Some transit systems, including Metro Transit in Minneapolis and Cincinnati Metro reported temporary disruptions to websites, trip planners, social media and other applications but no impact to its bus or trains.
– Phaedra Trethan
Despite summer break, schools disrupted by IT issues
The CrowdStrike outage crashed some computers at colleges Friday and hampered a popular software for enrolling students in K-12 schools for the fall.
The University of Rochester, a private school in New York, told students to keep rebooting their systems until the problem was fixed. The University of Alabama’s technology office said its campus computers using Microsoft Windows crashed. Rutgers University and the University of Kentucky also reported disruptions.
Despite the summer break, K-12 schools in Maryland and Kansas said they were having problems with PowerSchool, a widely used software for grading and student enrollment. An update posted to the company’s webpage Friday morning said the outage was impacting all its major products, including its enrollment feature.
– Zachary Schermele
911 call centers disrupted
State and local law enforcement agencies across the country reported disruptions to 911 services after the outage hit.
National reports of 911 outages peaked at more than 100 on Friday just before 3 a.m. according to Downdetector.
Agencies in at least seven states reported temporary outages, including the St. Louis County Sheriff’s Office and Faribault Police Department in Minnesota, 911 systems New Hampshire, Fulton County, Indiana, and Middletown, Ohio.
Non-emergency and 911 calls to multiple dispatch centers in Alaska “were not able to be answered” for around seven hours overnight, Austin McDaniel, communications director for the Alaska Department of Public Safety, told USA TODAY in an email.
“Dispatch centers switched to analog phone systems or to partner dispatch centers that were not impacted to continue taking calls,” he wrote. Systems in the state were back up as of 4:23 a.m. local time.
The Phoenix Police Department was also impacted ‒ 911 call centers could take calls, but had to dispatch officers manually, the Arizona Republic, part of the USA TODAY Network, reported.
The Federal Communications Commission said in an email to USA TODAY that it was aware of reports of disruptions to 911.
“We’re closely working with other federal agencies to provide assistance and determine the extent of these service disruptions.”
– Cybele Mayes-Osterman
Biden briefed on global outage as federal agencies assess impacts
President Joe Biden has been briefed on the CrowdStrike outage and his team is in touch with the cybersecurity firm, as well as with impacted companies and agencies, according to the White House. Biden will receive “sector-by-sector updates throughout the day and is standing by to provide assistance as needed,” the White House added.
Meanwhile, the Department of Homeland Security said in a statement it is working to “fully assess and address system outages.”
DHS added it’s working alongside the Cybersecurity and Infrastructure Security Agency as well as CrowdStrike, Microsoft and federal, state, local and critical infrastructure partners to get a grasp on the incident and its impacts.
Over 2K US flights canceled amid outage
Several U.S. carriers, including American Airlines, United Airlines, and Delta Air Lines, issued ground stops for all their flights early on Friday due to communication problems, according to the Federal Aviation Administration.
The FAA said operations were no longer impacted as of 10:53 a.m. ET, but it continues to monitor the situation and warned the global IT issue could continue to affect flights this weekend.
There were more than 2,500 U.S. flights canceled and more than 7,900 delays as of 3:25 p.m. EDT, according to flight-tracking website FlightAware.
Most airlines were able to resume operations as the morning progressed, but many said they expected disruptions to continue throughout the day.
Read more about the outage’s travel impacts
Hospitals cancel nonemergency services
Hospitals across the U.S. and overseas were impacted by the outage, which forced some to cancel elective surgeries and halt visitations as well as outpatient services.
Mass General Brigham in Boston canceled previously scheduled nonurgent surgeries, procedures and medical visits, according to a statement sent to USA TODAY. In the same area, Tufts Medical Center told media outlet WHDH it’s still assessing the outage’s effect on clinical and surgical operations.
In Texas, Ben Taub Hospital and Lyndon B. Johnson Hospital suspended “hospital visitation and patient information,” citing a “Microsoft Windows failure,” according to a statement from Harris Health System. Cincinnati Children’s Hospital said many of its Microsoft-based computer systems are down because of the outage, which forced the hospital to cancel early morning appointments.
“We are in touch with the hospital field and the federal government and monitoring the situation closely to better understand its scope and impact,” said John Riggi, the American Hospital Association’s national adviser for cybersecurity and risk.
Two hospitals in northern German cities canceled elective operations scheduled for Friday but continued to provide patient care and emergency services.
Outages exposes fragility of internet infrastructure
While there were reports of companies gradually restoring their services, analysts weighed the potential of what one called the biggest-ever outage in the industry and the broader economy.
“This is a very, very uncomfortable illustration of the fragility of the world’s core Internet infrastructure,” Ciaran Martin, Professor at Oxford University’s Blavatnik School of Government and former head of the U.K. National Cyber Security Centre, told Reuters.
“IT security tools are all designed to ensure that companies can continue to operate in the worst-case scenario of a data breach, so to be the root cause of a global IT outage is an unmitigated disaster,” said Ajay Unni, CEO of StickmanCyber, one of Australia’s largest cybersecurity services companies.
– Reuters
Outages ripple far and wide
From the United Kingdom to Singapore, the effects of tech outages were far-reaching on Friday.
British broadcaster Sky News went off-air and train companies in the U.K. reported long delays. Departure boards at several U.K. airports appeared to freeze, according to passengers who posted reports on social media.
London’s Stock Exchange reported experiencing disruptions. Some hospitals also reported difficulties processing appointments and several chain retail stores said they couldn’t take payments. The soccer club Manchester United said on X that it had to postpone a scheduled release of tickets.
In Australia, media, banks and telecoms companies suffered outages.
There was no information to suggest the outage was a cybersecurity incident, the office of Australia’s National Cyber Security Coordinator Michelle McGuinness said in a post on X.
New York’s Metropolitan Transportation Authority said some of its systems were offline due to a worldwide technical outage, but have since been restored. It said MTA train and bus services were unaffected.
Spanish authorities reported a “computer incident” at all its airports.
Berlin’s main airport said check-ins were delayed because of a “technical fault.”
Ryanair, Europe’s largest airline by passenger numbers, warned passengers of potential disruptions which it said would affect “all airlines operating across the Network.” It did not specify the nature of the disruptions.
There were reports a shipping terminal in Gdansk on Poland’s Baltic coast was not operating normally.
NetBlocks, a digital-connectivity watchdog, said that the outage reported by global airlines, corporates and infrastructure services firms and others was having “minimal” impact on global Internet connectivity.
Contributing: Reuters