Many users woke up this morning to bad news in the middle of the summer holidays due to the crash of several companies’ computer systems. In particular, the latest CrowdStrike update appears to be behind the freezing of Microsoft’s Windows operating systems, the most widely used at the corporate level. Banks, airport and airline operators, online retailers, insurance companies, emergency and transport services, energy companies, and more are all being affected world-wide.
CrowdStrike is the cloud-based cybersecurity platform that serves many of these Windows-based companies. The Texas company has no direct relationship with the Washington one, but it is the firm that corporations rely, or used to rely, on to, ironically, protect them from cyberattacks and other digital security threats.
The problem this time, however, has not been the hackers, but the stability of the software itself. Employees, as reported by hundreds of users on social media, have woken up to what is known as a BSOD, or “Blue Screen of Death”, when booting up their Windows computers, a computer blackout that has prevented them from working effectively.
This serious incident is leading to situations of digital prehistory like“Y2K bug”. In the case of AENA in Spain, social channels are showing photographs of Spanish airports with the monitors switched off (and therefore omitting boarding and gate information), and travellers are seeing how they have to check in as if they were in the last century.
Microsoft itself is being affected beyond the image that the computer failure gives of its Windows operating system. Focused more than ever on services, it is no longer just a matter of booting up computers, or hardware: other users report that its Office 365 platform is also down (along with cloud hosting OneDrive), so workers who have started their normal working day should be wary of backing up their files locally for the time being.
The information available so far is very scarce, especially in the panic of all the companies affected in the early hours of Friday. Evidently, these companies have committed themselves to the generic “we are working on it to solve it as soon as possible”, but it seems that, at the moment, everything depends on the intervention of CrowdStrike itself.
And what is CrowdStrike’s response? The security company, according to agencies such as Reuters, has so far limited itself to acknowledging the problem, which it blames on one of its subsystems, known as Falcon Sensor. This agent acts as an intermediary or liaison between the terminals and the central cyber-protection services in the cloud. From the answering machine message picked up by agencies when calling customer service:
“CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor”.
We will continue to update this entry with the latest news and possible solutions suggested by affected users and companies.