Microsoft estimates that 8.5 million computers worldwide were disabled by the global IT outage.
For the first time, a number has been assigned to the incident, which continues to cause problems globally. The glitch originated from CrowdStrike, a cybersecurity company, which sent out a corrupted software update to its vast customer base.
Microsoft, which is assisting customers in recovery, stated in a blog post, “We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices.” The post by David Weston, Vice President of Enterprise and OS at Microsoft, mentions that this number represents less than 1% of all Windows machines worldwide, but notes that “the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services.”
The company can accurately determine the number of devices disabled by the outage due to performance telemetry from many internet-connected devices.
Microsoft emphasized that this issue was not related to its software, underscoring the importance of quality control checks on updates by companies like CrowdStrike. “It’s also a reminder of how important it is for all of us across the tech ecosystem to prioritize operating with safe deployment and disaster recovery using the mechanisms that exist,” Weston added.
The fallout from the IT glitch has been enormous, ranking among the worst cyber-incidents in history. The number provided by Microsoft suggests it is probably the largest ever cyber-event, surpassing all previous hacks and outages.
The closest comparable event is the WannaCry cyber-attack in 2017, which is estimated to have impacted around 300,000 computers in 150 countries. A similar costly and disruptive attack, NotPetya, occurred a month later. There was also a significant six-hour outage in 2021 at Meta, affecting Instagram, Facebook, and WhatsApp, but it was largely contained to the social media giant and its partners.
The massive outage has prompted warnings from cybersecurity experts and agencies globally about a wave of opportunistic hacking attempts linked to the IT outage. Cyber agencies in the UK and Australia are advising people to be vigilant against fake emails, calls, and websites pretending to be official.
CrowdStrike CEO George Kurtz urged users to ensure they were communicating with official representatives from the company before downloading fixes. “We know that adversaries and bad actors will try to exploit events like this,” he said in a blog post.
Whenever there is a major news event, especially one related to technology, hackers respond by adapting their existing methods to exploit the fear and uncertainty. Researchers at Secureworks have already noted a sharp rise in CrowdStrike-themed domain registrations, with hackers creating new websites designed to look official and potentially trick IT managers or the public into downloading malicious software or revealing private details.
Cybersecurity agencies worldwide have advised IT responders to use only CrowdStrike’s official website for information and assistance. This advice is primarily for IT managers working to restore their organizations’ systems but also extends to individuals who might be targeted. Experts warn everyone to be extremely vigilant and act only on information from official CrowdStrike channels.
Source: https://www.bbc.com/news/articles/cpe3zgznwjno
Image Source: https://www.nytimes.com/2024/07/19/business/what-is-crowdstrike.html
