Last week, a Microsoft Azure outage and a faulty CrowdStrike update delt a twin blow to transportation and banking services in many parts of the world. Several airline operations were disrupted as check-in procedures were impacted; trains were also delayed. Meanwhile, banking apps and online transactions were also impacted.
While Microsoft Azure is the tech giant’s cloud computing platform, CrowdStrike is a cybersecurity firm with 298 clients out of global Fortune 500 companies.
How it all transpired
According to Microsoft Azure, “Between 21:56 UTC on 18 July 2024 and 12:15 UTC on 19 July 2024, customers may have experienced issues with multiple Azure services in the Central US region including failures with service management operations and connectivity or availability of services.” Delving into what caused the outage, it said, “A storage incident impacted the availability of Virtual Machines which may have also restarted unexpectedly. Services with dependencies on the impacted virtual machines and storage resources would have experienced impact.”
While it took several hours to resolve the issue, the problem was compounded by a near simultaneous issue with CrowdStrike. Many Microsoft users were hit with what is error screen dubbed the “blue screen of death”.
In an official blog, CrowdStrike explained, “On July 19, 2024 at 04:09 UTC, as part of ongoing operations, CrowdStrike released a sensor configuration update to Windows systems. Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform. This configuration update triggered a logic error resulting in a system crash and blue screen (BSOD) on impacted systems.”
CrowdStrike Founder and CEO further released a statement saying, “The outage was caused by a defect found in a Falcon content update for Windows hosts. Mac and Linux hosts are not impacted. This was not a cyberattack.”
Microsoft CEO Satya Nadela also took to X (formerly Twitter) and said, “Yesterday, CrowdStrike released an update that began impacting IT systems globally. We are aware of this issue and are working closely with CrowdStrike and across the industry to provide customers technical guidance and support to safely bring their systems back online.”
Impact across the world
Service disruptions were reported from Australia to America, Japan to India! Siting aviation tracking and data platform FlightAware, CNN reported that the number of disrupted flights as of Friday evening stood at around 3,000. It also said that over 11,000 flights were delayed. Some of the affected airlines include American Airlines, Delta, and United Airlines.
London’s Stansted and Gatwick airports reported delays, while services were also affected at airports in Amsterdam, New Delhi and Tokyo. Hindustan Times reported that airports resorted to issuing boarding passes manually and wrote flight updates on white boards to alleviate the crisis at some Indian airports.
Airline services were also impacted in Australia, where banks, supermarkets and media companies were also impacted. ABC News reported that the outages hit banks and payment systems, forcing some supermarkets and petrol stations to close.
The Guardian reported that the biggest commuter rail network, GTR, said its Thameslink and Southern trains were disrupted due to communications systems failing and that ticket vending machines of South Western Railway had stopped working.
Healthcare services were reportedly disrupted in many parts of Canada, Germany, Israel, the Netherlands, the UK as well as the US. Media services are affected in Australia, France, and the UK with some TV news channels either briefly going off air or being unable to display graphics or weather maps.
Where do we stand now?
With respect to the Azure outage, upon investigation, Microsoft “determined that a backend cluster management workflow deployed a configuration change causing backend access to be blocked between a subset of Azure Storage clusters and compute resources in the Central US region. This resulted in the compute resources automatically restarting when connectivity was lost to virtual disks hosted on impacted storage resources.”
Meanwhile, according to CrowdStrike, “The sensor configuration update that caused the system crash was remediated on Friday, July 19, 2024 05:27 UTC.”
But Microsoft estimated that the faulty update impacted millions of devices. In a blog, Microsoft said, “We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices, or less than one percent of all Windows machines. While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services.”
While both crises have been seemingly resolved, the economic impact of the twin outages is yet to be determined. While the impact on larger companies and banks was evident, it is even more difficult to ascertain financial losses suffered by small businesses, medium and micro-enterprises as well as individual professional services providers.
Some experts peg total losses to be close to US$ 1 Billion. Patrick Anderson, CEO of Anderson Economic Group, a Michigan research firm that specializes in estimating the economic cost of events like strikes and other business disruptions, told CNN, that the losses could easily top US$1 Billion.
Meanwhile, CrowdStrike’s share prices nosedived in the aftermath of the crisis, with Investopedia reporting that on Friday, shares of CrowdStrike plummeted 11.1%, marking the heaviest losses of any S&P 500 stock.