What to know about CrowdStrike, the firm behind the global tech outage
SINGAPORE – The tech outage that disrupted airports, hospitals, stock exchanges and media broadcasters worldwide was due to a double whammy of a flawed update from cyber-security firm CrowdStrike that affected Microsoft Windows devices, and a separate disruption of Microsoft’s Azure cloud services.
- by autobot
- July 19, 2024
Many of those affected on July 19 reported a “blue screen of death” that popped up on their Windows screens, grinding their computer systems to a halt. The outage, which , has been labelled the biggest tech outage in history by numerous IT experts.

Microsoft said it fixed the underlying cause of the outage to its Azure cloud computing service after several hours. This had caused the outage of its Microsoft 365 cloud-based apps in the central US region, and brought down websites and services like some airlines’ booking and check-in systems hosted on Azure. Later the same day, CrowdStrike identified what was crashing Windows systems around the globe and issued a fix.

Founded in 2011, the cyber-security firm headquartered in Austin, Texas, refers to itself on its website as a “leader in protecting customers around the world from cyber threats”. The firm uses cloud technology to protect devices connected to the internet and detect threats and vulnerabilities, helping it stop cyber breaches. It says its antivirus capabilities use machine learning to tackle malware and ransomware threats.

CrowdStrike is one of the major players in the cyber-security industry, and in 2022 held an estimated market-leading 18 per cent share in the endpoint security market, ahead of other firms like McAfee. The software is used by organisations such as the Mercedes F1 team, the US government and Goldman Sachs, as well as Singapore companies like ST Engineering and Shopee, according to tech usage tracker TheirStack.
CrowdStrike founder George Kurtz said the fault stemmed from a defect found in a content update issued on the morning of July 19 for the firm’s Falcon Sensor program used on Windows operating systems. Users on Mac and Linux operating systems were not affected, he said.

The global IT outage affected industries ranging from airlines to healthcare to financial services. The travel sector appeared hardest hit. With their computer systems down, many airlines and airports from Singapore to Switzerland had to . Australian and British hospitals and broadcasters also reported being affected, while emergency response services in the US also faced disruptions.

Mr Kurtz apologised for the wide-ranging disruptions during an interview with CNN, stressing that the outage was not a result of a security incident or cyber attack. “The issue has been identified, isolated and a fix has been deployed,” Mr Kurtz wrote on social media platform X at around 5.45pm Singapore time on July 19, nearly 12 hours after the first issues were reported by Microsoft. to its support portal for the latest updates, and to monitor for more technical faults.

As the fix cannot be rolled out as a remote update, with each affected computer needing to be fixed manually, experts said it could take days before everything is back to normal.

Some software programmers on social media have criticised CrowdStrike for deciding to push the update on a working day, while others have thanked the cyber-security firm in jest for giving them an earlier start to their weekend by disrupting their Windows-based work. Shares in the cyber-security group CrowdStrike were down some 20 per cent in pre-market trading on Wall Street on July 19.

CrowdStrike is known for investigating Russia’s hacking and disinformation campaign during the 2016 US presidential election, won by Republican Donald Trump.
The firm found that Russia had interfered with the polls by breaching the US Democratic Party’s networks and data – part of a manoeuvre to sabotage a bid by Trump’s rival Hillary Clinton to become US president. CrowdStrike also detected attacks on the US and South Korean governments made by North Korean actors, the Austin firm said in 2014, describing the cyber attacks as attempts to steal sensitive information and delete data on a large scale.