American multinational corporation and technology company Microsoft, has reported that approximately 8.5 million of its devices were impacted by the global tech outage linked to cybersecurity firm Crowdstrike.
The company revealed that while the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services.
This was revealed via a blog post titled “Helping our customers through the crowd strike”, where the company highlighted steps it has taken so far with providing customers with technical guidance, as well as developing scalable solutions.
Tekedia Mini-MBA edition 15 (Sept 9 – Dec 7, 2024) has started registrations; register today for early bird discounts.
Tekedia AI in Business Masterclass opens registrations here.
Join Tekedia Capital Syndicate and invest in Africa’s finest startups here.
Microsoft disclosed that although the incident was not company-related, however, given the impact on its ecosystem, it provided steps to remediate and support its customers.
The company wrote,
“Since this event began, we’ve maintained ongoing communication with our customers, CrowdStrike, and external developers to collect information and expedite solutions. We recognize the disruption this problem has caused for businesses and in the daily routines of many individuals. Our focus is providing customers with technical guidance and support to safely bring disrupted systems back online”.
Steps taken so far include:
- Engaging with CrowdStrike to automate their work on developing a solution. CrowdStrike has recommended a workaround to address this issue and has also issued a public statement. Instructions to remedy the situation on Windows endpoints were posted on the Windows Message Center.
- Deploying hundreds of Microsoft engineers and experts to work directly with customers to restore services.
- Collaborating with other cloud providers and stakeholders, including Google Cloud Platform (GCP) and Amazon Web Services (AWS), to share awareness on the state of impact we are each seeing across the industry and inform ongoing conversations with CrowdStrike and customers.
- Quickly posting manual remediation documentation and scripts found here.
- Keeping customers informed of the latest status on the incident through the Azure Status Dashboard here”.
Microsoft further noted that it has continued to work round the clock, providing updates and support, also noting that the Crowdstrike incident has helped it develop a scalable solution that will help Microsoft’s Azure infrastructure accelerate a fix for CrowdStrike’s faulty update. It also revealed that the company has worked with both AWS and GCP to collaborate on the most effective approaches.
Notably, Microsoft highlights the Crowdstrike incident, as a reminder of how important it is for all of the companies across the tech ecosystem to prioritize operating with safe deployment and disaster recovery using the mechanisms that exist.
Recall that on Friday 19, 2024, a global technology outage, linked to cybersecurity firm Crowdstrike, grounded flights, disrupted health services, crashed payment systems, and blocked access to Microsoft services in what experts believe is one of the largest IT failures in history.
The global outage stemmed from an update CrowdStrike made to its marquee cybersecurity platform, a cloud-based software product called Falcon. When CrowdStrike pushed an update to the Falcon software, which interacts with other parts of computer systems and software like Microsoft’s Windows products, it caused a malfunction that essentially disabled those systems and their widely used pieces of software the world over.
The software intended to protect against crashes and disruptions in vital computer systems ended up taking them down. CrowdStrike’s CEO, George Kurtz, apologized for the outage, which the company stated was due to a faulty piece of code.
The CEO wrote on Twitter,
“This is not a security incident or cyberattack. The issue has been identified, and isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.”
It is worth noting that the massive outage has prompted warnings by cyber-security experts and agencies around the world about a wave of opportunistic hacking attempts linked to the IT outage. Also, Cyber security agencies around the world have urged IT responders to only use CrowdStrike’s website to source information and help.
I’m glad they’re working on technical guidance and solutions to prevent this from happening again.