The end of this week was marked by an unprecedented outage of computers running the Microsoft Windows operating system with CrowdStrike software installed, which is designed to protect against cyber attacks. An update to that software caused the massive failures, but Microsoft itself notes that the 8.5 million affected PCs actually represent less than 1% of all Windows systems.
Microsoft published its estimate of the scale of the disaster on its own blog. According to the company, the faulty CrowdStrike Falcon software update affected about 8.5 million computers around the world, but this number does not exceed 1% of all systems running Windows. However, Microsoft’s vice president of operating systems security, David Weston, said in a blog post: “Although the percentage was not high, the broad economic and social impact reflects the use of CrowdStrike by companies that control many mission-critical services.”
“The incident demonstrates the depth of interconnections in our broader ecosystem of global cloud service providers, software platforms, information security vendors and other software. It also reminds us all of the importance of a secure approach to software distribution and disaster recovery using established mechanisms,” the Microsoft spokesperson continued. According to him, CrowdStrike has already provided the company with a scalable fix to restore the functionality of Amazon’s cloud infrastructure. Microsoft is also working with Amazon and Google to find the most effective methods to mitigate the consequences of the incident. In addition, hundreds of Microsoft technical support specialists are working to eliminate these consequences in the infrastructure of the corporation’s clients, and in-house specialists at the affected companies are being promptly provided with instructions on how to recover from the failure.
Information security experts also note that the wide media coverage of the incident has already attracted attackers, who are trying to penetrate the infrastructure of companies affected by the failure by posing as technical consultants from CrowdStrike or Microsoft. Because the CrowdStrike software update files have to be removed from computers manually, it is estimated that some affected companies could take days to weeks to fully restore their infrastructure.