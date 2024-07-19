Sign up for afaqs! Newsletters
The outage, reportedly linked to a new CrowdStrike update, caused widespread disruptions, including issues for airlines, banks, and media outlets.
In an unprecedented global outage, Microsoft services including Microsoft 365, Azure, and Teams faced significant disruptions, affecting millions of users and businesses worldwide.
The outage, attributed to a new update from cybersecurity firm CrowdStrike, caused substantial operational challenges for airlines, banks, stock exchanges, healthcare services, and media outlets. The impact was notably severe in India, where numerous sectors experienced major setbacks.
The outage severely impacted air travel, grounding flights and causing extensive delays. In India, airlines such as IndiGo, Akasa, Air India, and SpiceJet faced operational challenges, leading to long queues and flight delays at major airports, including Delhi and Mumbai. Similarly, US carriers like Frontier Airlines, Allegiant, and Sun Country reported issues affecting their services.
In a standard advisory, Air India reported that its digital systems were temporarily affected by the ongoing Microsoft outage, leading to delays.
KLM Royal Dutch Airlines announced it was forced to suspend most operations due to the outage. Berlin Airport halted all flights, and Amsterdam's Schiphol Airport, one of Europe's busiest hubs, reported significant disruptions. Major US airlines, including American Airlines, Delta, and United, also grounded flights.
According to aviation analytics firm Cirium, over 1,000 flights have been cancelled worldwide today, with the number expected to increase.
The outage disrupted operations of stock exchanges globally. The London Stock Exchange faced technical issues, and several brokerage firms, including Nuvama, Edelweiss, and Motilal Oswal in India, reported disruptions. Payment systems worldwide, including in India, were also affected, causing delays and service interruptions.
Healthcare services were hit hard, with hospitals and clinics unable to access patient records, test results, or medication histories. In the UK, GPs prioritised emergency cases due to the outage, leading to a backlog in clinical documentation. German hospitals cancelled elective surgeries, and emergency services in the US, including 911 call centres, faced disruptions.
News services across the globe were disrupted. Britain's Sky News and Australia's ABC News were unable to broadcast live. The Associated Press faced intermittent service disruptions, and several telecommunications providers in Australia and New Zealand reported outages.
Instagram experienced a global outage, leading to login problems for users, as reported by DownDetector. By 1:15 pm in India, around 170 outage reports had been logged. The Instagram issue compounded the widespread disruption, further affecting users' access to social media platforms.
Microsoft has identified the following services as affected:
Microsoft 365 Admin Center: Admins may face intermittent access issues, with delays in any actions if access is possible.
Microsoft Fabric: Users might notice the service is in read-only mode during the resolution process.
Microsoft Purview: Users may experience delays in event processing.
Microsoft Teams: Users may be unable to use certain functions, such as presence indicators, group chats, and user registration.
PowerBI: Users may experience that the service is in read-only mode while issues are being addressed.
Viva Engage: Users may have difficulties accessing Viva Engage.
The outage triggered the infamous "Blue Screen of Death" on Windows operating systems, signaling severe system errors. This issue disrupted users' access to various Microsoft apps and services worldwide, including Microsoft 365, Microsoft Teams, and Microsoft Azure.
Microsoft's 365 account on X (formerly Twitter) confirmed that investigations and mitigation efforts are ongoing.
The company stated, "Multiple services are continuing to see improvements in availability as our mitigation actions progress." Microsoft 365 also posted on X that they are "working on rerouting the impacted traffic to alternate systems to alleviate the impact more quickly" and that they are "observing a positive trend in service availability."
Microsoft attributed the outage to a "configuration change in a portion of our Azure backend workloads," which caused connectivity failures. The problem is associated with CrowdStrike’s Falcon sensor. Users have reported on social media that the tech glitch has led to Windows machines encountering blue screen errors and getting stuck in a recovery loop.
CrowdStrike CEO George Kurtz clarified that the issue was due to a defect in a single content update for Windows hosts, not a security incident or cyberattack. "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed," Kurtz stated.
The Indian government, through the Ministry of Electronics and Information Technology, is in discussions with Microsoft to resolve the issue.
Indian IT Minister Ashwini Vaishnaw confirmed that the reason for the outage had been identified and updates were released to resolve it. "We are in touch with Microsoft to expedite the resolution of this global outage that has disrupted flights, supermarkets, banking operations, and multiple sectors," he said.
Professor Jill Slay, the University of South Australia’s SmartSat Chair for Cybersecurity, described the outage's global impact as "enormous" but cautioned that it was "too early to draw conclusions" on its cause. "There is currently a major global technical outage affecting multiple companies and services," she told CNN. "Authorities and industry will be monitoring, but at this stage, it is too early to draw conclusions."
Microsoft and CrowdStrike are actively working to resolve the issue. Microsoft noted, "We're investigating an issue impacting users' ability to access various Microsoft 365 apps and services. We're continuing to reroute the affected traffic to healthy infrastructure."
The Computer Emergency Response Team (CERT) of the Indian government issued an advisory with steps to resolve the issue:
Boot Windows into Safe Mode or the Windows Recovery Environment.
Navigate to the C:\Windows\System32\drivers\CrowdStrike directory.
Locate and delete the file matching "C-00000291*.sys".
Boot the host normally.
As of now, Microsoft reports that multiple services are seeing continuous improvements as mitigation actions progress. Users and businesses worldwide continue to experience disruptions, but efforts to restore full functionality are ongoing.
The situation remains dynamic, with Microsoft, CrowdStrike, and affected sectors working diligently to resolve the issues and restore normal operations. The full extent of the outage's impact is still unfolding, with further updates expected as more information becomes available.