Cyber experts say vetting failed before global crash

Flights were grounded across the globe as the IT outage hit multiple airlines. (EPA PHOTO)

Security experts say CrowdStrike's routine update of its widely used cybersecurity software, which caused a global internet crash, apparently did not undergo adequate quality checks before it was deployed.

The latest version of its Falcon Sensor software was meant to make the systems of CrowdStrike's clients more secure against hacking by updating the threats it defends against. 

Faulty code in the update files resulted in one of the most widespread tech outages in recent years for companies using Microsoft's Windows operating system. Global banks, airlines, hospitals and government offices were disrupted.

CrowdStrike released information to fix affected systems, but experts said it would time to manually weed out the flawed code.

"What it looks like is, potentially, the vetting or the sandboxing they do when they look at code, maybe somehow this file was not included in that or slipped through," said Steve Cobb, chief security officer at Security Scorecard, which also had some systems impacted by the issue.

Problems came to light quickly after the update was rolled out, and users posted pictures on social media of computers with blue screens displaying error messages,  known in the industry as "blue screens of death."

Mass IT outage hits businesses, flights
Major airlines grounded flights, while others around the world reported delays and disruptions.

Industries from travel to finance were crippled for hours, highlighting the risks of a global shift towards digital, interconnected technologies.

CrowdStrike CEO George Kurtz said on social media platform X that a defect was found "in a single content update for Windows hosts" that affected Microsoft's customers and that a fix was being deployed.

"We're deeply sorry for the impact that we've caused to customers, to travellers, to anyone affected by this, including our company," Kurtz told NBC News' Today program.

Mass IT outage hits businesses, airports
Some airlines were forced to check in passengers manually, causing delays.

CrowdStrike shares plunged as much as 14.5 per cent shortly after the Wall Street open before paring losses to trade down 8.5 per cent. Its cyber rivals were up, with SentinelOne 3.6 per cent higher and Palo Alto Networks up 1.7 per cent.

Microsoft was down 0.2 per cent.

"Earlier today, a Crowdstrike update was responsible for bringing down a number of Windows systems globally. We are actively supporting customers to assist in their recovery," Microsoft chief communications officer Frank Shaw said in a post on X.

Patrick Wardle, a security researcher, said it was very common that security products updated their signatures, as often as once a day.

"Because they're continually monitoring for new malware and because they want to make sure that their customers are protected from the latest threats," he said.

The frequency of updates was "probably the reason why (CrowdStrike) didn't test it as much," he said.

Britain Worldwide Internet Outage
In the UK, the outage disrupted train services, GP clinics, Sky News and Manchester United.

While largely fixed, the cyber outage revealed the risks of an increasingly online world.

"This is a very, very uncomfortable illustration of the fragility of the world’s core internet infrastructure," said Ciaran Martin, professor at Oxford University's Blavatnik School of Government and former head of the UK National Cyber Security Centre. 

Accelerated by the COVID-19 pandemic, governments and businesses alike have become increasingly dependent on a handful of interconnected technology companies.

Airports from Los Angeles to Singapore, Hong Kong, Amsterdam and Berlin experienced problems including planes being grounded, flight delays and staff having to check in passengers manually.

Banks and financial services companies from Australia to India and Germany warned customers of disruptions and traders across markets spoke of problems executing transactions.

In Britain, booking systems used by doctors were offline, multiple reports posted on X by medical officials said.

Government agencies were also affected with the Dutch and United Arab Emirates' foreign ministries reporting some disruptions.

IT OUTAGE AUSTRALIA
Australian banks, media companies and retail businesses were hit by the outage.

"IT security tools are all designed to ensure that companies can continue to operate in the worst-case scenario of a data breach, so to be the root cause of a global IT outage is an unmitigated disaster," said Ajay Unni, CEO of StickmanCyber, one of Australia's largest cybersecurity services companies.

US-based CrowdStrike, with a market value of about $US83 billion ($A124 billion), is among leading cybersecurity companies, counting more than 20,000 subscribers around the world, its website showed.

The global impact of the outage reflects CrowdStrike's dominance. Over half of Fortune 500 companies and many government bodies such as the top US cybersecurity agency, use the company's software.

License this article

What is AAPNews?

For the first time, Australian Associated Press is delivering news straight to the consumer.

No ads. No spin. News straight-up.

Not only do you get to enjoy high-quality news delivered straight to your desktop or device, you do so in the knowledge you are supporting media diversity in Australia.

AAP Is Australia’s only independent newswire service, free from political and commercial influence, producing fact-based public interest journalism across a range of topics including politics, courts, sport, finance and entertainment.

What is AAPNews?
The Morning Wire

Wake up to AAPNews’ morning news bulletin delivered straight to your inbox or mobile device, bringing you up to speed with all that has happened overnight at home and abroad, as well as setting you up what the day has in store.

AAPNews Morning Wire
AAPNews Breaking News
Breaking News

Be the first to know when major breaking news happens.


Notifications will be sent to your device whenever a big story breaks, ensuring you are never in the dark when the talking points happen.

Focused Content

Enjoy the best of AAP’s specialised Topics in Focus. AAP has reporters dedicated to bringing you hard news and feature content across a range of specialised topics including Environment, Agriculture, Future Economies, Arts and Refugee Issues.

AAPNews Focussed Content
Subscription Plans

Choose the plan that best fits your needs. AAPNews offers two basic subscriptions, all billed monthly.

Once you sign up, you will have seven days to test out the service before being billed.

AAPNews Full Access Plan
Full Access
AU$10
  • Enjoy all that AAPNews has to offer
  • Access to breaking news notifications and bulletins
  • Includes access to all AAPNews’ specialised topics
Join Now
AAPNews Student Access Plan
Student Access
AU$5
  • Gain access via a verified student email account
  • Enjoy all the benefits of the ‘Full Access’ plan at a reduced rate
  • Subscription renews each month
Join Now
AAPNews Annual Access Plan
Annual Access
AU$99
  • All the benefits of the 'Full Access' subscription at a discounted rate
  • Subscription automatically renews after 12 months
Join Now

AAPNews also offers enterprise deals for businesses so you can provide an AAPNews account for your team, organisation or customers. Click here to contact AAP to sign-up your business today.

SEVEN DAYS FREE
Download the app
Download AAPNews on the App StoreDownload AAPNews on the Google Play Store