Global IT outage: CEO Satya Nadella says Microsoft working with CrowdStrike to resolve the issue; 8 key takeaways

Airports in India, the US, Australia, UAE, Singapore, Hong Kong, and Malaysia witnessed their booking systems fail, pushing staff to manually check-in passengers. Airports around the world had similar scenes of chaos and confusion, with many passengers thronging arrival halls after flights were delayed or cancelled. Following the outage, several American carriers also grounded their aircraft for hours due to issues with communication. Meanwhile, several airliners in Europe suspended their operations momentarily. 

Hours after the outage, Microsoft announced that the Central US region had resumed operations. Over the course of the day, Microsoft on its official X account Microsoft 365 shared updates on the status of its service. As of 8:13 pm IST, the tech giant said that it has completed its mitigation efforts and that its telemetry indicated all previously impacted Microsoft 365 apps and services have been recovered. “ We’re entering a period of monitoring to ensure the impact is fully resolved. For more information, see MO821132 within the admin center,” the company said in its official post.

Eventually, it became clear that the outage the impacted airlines was not caused by a Windows outage, but a glitch in cybersecurity software from CrowdStrike. 

Here are the major developments of the day following one of the biggest-ever IT outages.

1. 01

   Satya Nadella acknowledges the issues

   Even as the world scrambled to get a grasp over what was unfolding, many awaited official confirmation from Microsoft. On Friday evening, Microsoft CEO Satya Nadella took to X to share a post acknowledging that on July 19 Crowdstrike released an update that began impacting the IT systems worldwide. “We are aware of this issue and are working closely with CrowdStrike and across the industry to provide customers technical guidance and support to safely bring their systems back online,” Nadella said in his post.

   Yesterday, CrowdStrike released an update that began impacting IT systems globally. We are aware of this issue and are working closely with CrowdStrike and across the industry to provide customers technical guidance and support to safely bring their systems back online.

   — Satya Nadella (@satyanadella) July 19, 2024

2. 02

   How did it begin?

   In the late evening of Thursday, several users in the Central US region experienced issues with Azure services and its Microsoft 365 suite of apps. The issues reported were related to failures with service management operations and connectivity or availability of services. Most of the users were not able to access apps like OneNote, OneDrive, Defender, SharePoint, Windows 365, Teams, etc. Though some of these apps are now back online.

   Reportedly, companies in Australia were the first to report the error after several broadcasters and banks were unable to access their Windows machines. Most of them were shown the blue screen of death (BSOD), a window that appears when a system fails to boot properly. By the time European nations embarked on their workday, it was reported that this had become a global problem impacting several industries across the globe.

3. 03

   Impact on Airlines

   Following the outage, perhaps the most obvious consequence was the disruption of travel. Several flights around the world were reported to be grounded after the glitch. In the UK, it was reported that Sky News could not broadcast its bulletin, and hospitals and clinics were unable to follow through with their patient appointments. 

   Airlines today heavily rely on software that runs on Windows. This resulted in a disruption in Check-ins, boarding, and other critical operations. The glitch in CrowdStrike led to delays and cancellations as airlines were struggling to manage check-in, booking, and other routine activities.

4. 04

   What Microsoft said

   To make it clear there have been two separate instances -  one is the Microsoft 365 crash owing to the outage in Azure cloud services, second is the BSOB or blue screen of death crash of PCs which is linked to CrowdStrike software update.

   Microsoft said that the root cause of this outage was a configuration change in the backend of Azure cloud computing services. So this change led to users being unable to use the apps that relied on Azure for connectivity.

   As the day progressed, several users took to X sharing the blue screen of death, a screen that comes up when your Windows system has crashed. Several discussion forums like Reddit and others pointed out that this system crash could be due to a recent Crowdstrike update.

5. 05

   What is CrowdStrike’s role in the outage?

   Eventually, it came to be known that the issues with airlines and BSOB were caused by a faulty update that was pushed through CrowdStrike, a US-based cybersecurity firm. This meant that affected devices were unable to load for many businesses. On Friday morning, CrowdStrike in a support note said that it had identified the issue and reverted to it. However, the company said that the fix could only prevent more machines from BSOD and may not be able to recover those that have already been impacted.

   CrowdStrike CEO George Kurtz took to his X account to say that the issue was caused by a single update for Windows hosts and that the issue has been identified and isolated, and a fix has been deployed. Even though the fix has been deployed, the after-effects of the issues seem to be persisting.

   CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We…

   — George Kurtz (@George_Kurtz) July 19, 2024

6. 06

   Is this a cyberattack?

   Following the incident, CrowdStrike CEO George Kurtz in his second post on X maintained that the events that unfolded in the last 24 hours were not the result of a ‘security or cyber incident’. 

   "We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption. We are working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on. As noted earlier, the issue has been identified and a fix has been deployed. There was an issue with a Falcon content update for Windows Hosts." Based on his statement, it seems malicious actors have been ruled out and it seems more like an IT glitch.

7. 07

   Why it may take longer to fully resolve the issue

   Although CrowdStrike says the faulty update has been rolled back, this does not mean that it could help businesses that have been impacted. To understand this, it needs to be noted that CrowdStrike software which is the root cause of the issue runs at a deeper level in affected computers and systems. This makes it a big challenge for the companies to get these systems to start running smoothly again. Also, the servers that contain the information vital to these systems’ functioning are caught in a loop of crashing and rebooting. Reportedly, the CrowdStrike software in question operates at the kernel level of a computer which is much deeper than ordinary apps like browsers or games. Running on this level is critical as it lets the software detect cyberattacks. However, corrective measures will also include manual rebooting as CrowdStrike has claimed that the issue is recoverable. For businesses with thousands of PCs, and laptops, this could be a long winding process and something they would have to do over and over again.

8. 08

   Impact on India

   The IT outage led to significant consequences in India as it impacted multiple sectors. The Reserve Bank of India said that minor disruptions in 10 banks and NBFCs were resolved instantly. In the aviation sector, it led to delays and cancellations of flights. While five Indigo Flights from Goa’s two Airports were cancelled, several others faced delays owing to the manual distribution of boarding passes and luggage tags. A similar situation prevailed in Chattisgarh’s Raipur Airport as nine IndiGo flights were cancelled including five departures and four arrivals, Kolkata Airport so 25 flights were cancelled and numerous delays. The Indian Computer Emergency Response Team (CERT-In) issued an advisory linking the outage to a recent CrowdStrike update, which caused systems to display the Blue Screen of Death (BSOD) error messages.