CrowdStrike glitch affected 8.5 million Windows devices – Microsoft says
Microsoft says it estimates that a CrowdStrike update – which caused a mass IT outage worldwide on Friday – affected 8.5 million Windows devices.
The tech giant, which says it was not responsible for the IT glitch, adds that the figure accounts for less than 1% of all Windows machines worldwide.
Microsoft ‘working around the clock to provide support’
The 8.5 million Windows devices affected by the IT outage account for less than 1% of all machines worldwide. Microsoft says that the “broad economic and societal impacts” show the use of CrowdStrike “by enterprises that run many critical services”.
Microsoft can be very accurate on how many Windows devices were disabled by the outage as it has performance telemetry from many of them via their internet connections.
The firm says it’s “working around the clock” to provide “ongoing updates and support”, with help from CrowdStrike.
The tech giant, which stresses that this was not an issue caused by its software, says the incident highlights how important it is for companies to “prioritise operating with safe deployment and disaster recovery using the mechanisms that exist”.
IT outage likely to be the largest ever
We now have a number on how bad the IT outage may have been in terms of disabled computers worldwide.
It’s fair to say this is probably the largest ever cyber event, eclipsing all previous hacks and outages.
The closest to this is the WannaCry cyber attack in 2017 that is estimated to have impacted around 300,000 computers in 150 countries. There was a similar costly and disruptive attack called NotPetya a month later.
There was also a major six-hour outage in 2021 at Meta, which runs Instagram, Facebook and WhatsApp – but that was largely contained to the social media giant and some linked partners.
China swerved worst of global tech meltdown – here’s how
While most of the world was grappling with the blue screen of death on Friday, one country that managed to escape largely unscathed was China.
The reason is actually quite simple: CrowdStrike is hardly used there.
Very few organisations will buy software from an American firm that, in the past, has been vocal about the cyber-security threat posed by Beijing.
Additionally, China is not as reliant on Microsoft as the rest of the world. Domestic companies such as Alibaba, Tencent and Huawei are the dominant cloud providers.
So reports of outages in China, when they did come, were mainly at foreign firms or organisations. On Chinese social media sites, for example, some users complained they were not able to check into international chain hotels such as Sheraton, Marriott and Hyatt in Chinese cities.
Over recent years, government organisations, businesses and infrastructure operators have increasingly been replacing foreign IT systems with domestic ones. Some analysts like to call this parallel network the “splinternet”.
“It’s a testament to China’s strategic handling of foreign tech operations,” says Josh Kennedy White, a cybersecurity expert based in Singapore.
How hackers could take advantage of IT outages
Whenever there is a major news event, especially one linked to technology, hackers respond by tweaking their existing methods to take into account the fear and uncertainty.
We saw the same with the Covid-19 pandemic when hackers adjusted their phishing email attacks to offer information about the virus and even pretend to have an antidote in order to hack people and organisations.
Because the IT outage has been a global news story we are seeing hackers capitalise.
According to researchers at Secureworks, there has already been a sharp rise in CrowdStrike-themed domain registrations – hackers registering new websites made to look official and potentially trick IT managers or members of the public into downloading malicious software or handing over private details.
The advice is mainly for IT managers who are the ones being affected by this as they try to get their organisations back online.
But individuals too might be targeted, so experts are warning to be cautious and only act on information from the official CrowdStrike channels.
Staying safe online: Key tips to avoid scams
Published at 16:04
Tom Gerken
Technology reporter
With many of the outages being resolved, the big development today has really been around security agencies, who are each warning of an increase in scams relating to CrowdStrike.
You may be wondering what you need to do.
The National Cyber Security Centre (NCSC) and others are specifically warning about phishing attacks – where scammers try to trick people into handing over their financial details.
Once someone pays up, the scammers either vanish without a trace, or will try to scam them out of more money through follow-up messages.
These sorts of scams have been around for decades and being aware of them is important, but prevention is better than intervention.
The NCSC advises people to think about the information they share online – because cyber criminals will grab all the info they can get to make their scams more convincing – and the simplest thing you can do with the biggest impact is to review the privacy settings on your social media accounts.