World (AP)

A massive tech outage is causing worldwide disruptions. Here’s what we know

A massive tech outage is causing worldwide disruptions. Here’s what we know

NEW YORK (AP) — Much of the world faced online disarray Friday as a widespread technology outage affected companies and services across industries — grounding flights, knocking banks and hospital systems offline and media outlets off air.

At the heart of the massive disruption is CrowdStrike, a cybersecurity firm that provides software to scores of companies worldwide. The company says the problem occurred when it deployed a faulty update to computers running Microsoft Windows, and that the issue behind the outage was not a security incident or cyberattack.

CrowdStrike has said a fix is on the way. Still, disarray continued hours after the problem was first detected.

Here’s what you need to know.

How did Friday’s global outage happen?

Friday’s chaos began with a faulty update was pushed out from CrowdStrike. In a Friday post on social media platform X, President and CEO George Kurtz cited a “defect found in a single content update for Windows hosts” — noting that Mac and Linux hosts were not impacted.

But, because scores of companies rely on CrowdStrike for their security needs with Windows as their operating system, the consequences of this kind of technical problem are far-reaching.

Long lines formed at airports in the U.S., Europe and Asia as airlines lost access to check-in and booking services during peak summer travel. Banks in South Africa and New Zealand reported outages impacting payments and online services. And hospitals had problems with their appointment systems, while officials in some U.S. states warned of 911 problems in their areas.

DownDectector, which tracks user-reported disruptions to internet services, recorded that airlines, payment platforms and online shopping websites across the world were affected — although the disruption appeared piecemeal and was apparently related to whether the companies used Microsoft cloud-based services.

Still, experts stress that Friday’s disruptions underscore the vulnerability of worldwide dependence on software that comes from only a handful of providers.

“This is a very, very uncomfortable illustration of the fragility of the world’s core internet infrastructure,” said Ciaran Martin, a professor at Oxford University’s Blavatnik School of Government and former Head of Britain’s National Cyber Security Centre.

What is CrowdStrike?

CrowdStrike is a U.S. cybersecurity company that provides software to companies around the world and across industries. It bills itself as being the globe’s most advanced cloud-based security technology provider.

“We stop breaches,” the cybersecurity firm writes on its website.

According to the company’s website, CrowdStrike was founded in 2011 and launched in early 2012. CrowdStrike listed on the Nasdaq exchange five years ago. Last month, the Austin, Texas company reported that its revenue rose 33% in the last quarter from the same quarter a year earlier — logging a net profit of $42.8 million, up from $491,000 in the first quarter of last year.

CrowdStrike has a partnership with Amazon Web Services and its “Falcon for Defender” security technology is designed to supplement Microsoft Defender to prevent attacks.

Is there a fix?

Disruptions on Friday have continued hours after CrowdStrike first identified the issue. But both the company and Microsoft say that they’re working to get systems back online.

In an emailed statement, Crowdstrike said that it was “actively working with customers impacted by a defect found in a single content update for Windows hosts” — adding that a fix “had been deployed” for the identified issue.

Microsoft 365 posted on social media platform X that the company was “working on rerouting the impacted traffic to alternate systems to alleviate impact” and that they were “observing a positive trend in service availability.”

Spokesperson Frank X. Shaw added in an emailed statement that the company was “actively supporting customers to assist in their recovery.” Both CrowdStrike and Microsoft are also appearing to engage IT personnel on official online channels, such as Reddit.