Experts warn – IT problems may take days to resolve

July 19, 2024
1 min read




Article Summary

TLDR:

  • Cyber-security firm Crowdstrike caused a global IT outage with an update that crashed Microsoft systems.
  • Fixing the issue will require a manual process that will take time for large organizations.

The article discusses how Crowdstrike’s update caused a global IT outage that led to thousands of flight cancellations and affected sectors such as banking and healthcare. The issue was caused by a defect in a “content update” sent to customers overnight, which crashed their computers upon startup. The CEO of Crowdstrike, George Kurtz, apologized for the impact and mentioned that a software fix was deployed, but it would require a manual solution known as “fingers on keyboards,” which could take days to implement at scale.

The outage has highlighted the challenges faced by IT teams in large organizations, as each affected computer needs to be rebooted individually in ‘Safe Mode’ to remove the faulty update. This process is time-consuming and poses difficulties for companies without dedicated IT teams or outsourcing their IT solutions. While some companies like American Airlines have rapidly addressed the problem, others are facing significant delays in the recovery process.

Additionally, the article mentions the comparison with previous cyber-attacks like WannaCry and NotPetya, noting that the current IT outage is a mistake from a cyber-security vendor rather than a deliberate attack. This incident emphasizes the importance of diligence in handling software updates and raises questions about the impact of minor updates causing significant disruptions.

Overall, the article highlights the complexity of resolving IT issues caused by software updates and the challenges faced by organizations in recovering from such global outages.


Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and