Microsoft claims that the worldwide IT disruption rendered 8.5 million computers unusable worldwide.
For the first time, a numerical value has been assigned to the incident, indicating that it may rank among the worst cyber events in history.
The issue was caused by a security firm named CrowdStrike, which distributed a faulty software update to a sizable portion of its clientele.
CrowdStrike IT outage impacted
In a blog post, Microsoft—which is assisting consumers with their recovery—stated: “We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices.”
Although this represents less than 1% of all Windows computers globally, according to the company’s vice-president David Weston‘s post, “the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services”.
Due to performance telemetry provided by numerous internet connections, the company can determine with great accuracy how many devices were rendered inoperable during the outage.
The tech giant emphasizes that the incident shows how crucial it is for businesses like CrowdStrike to do quality control checks on updates before sending them out. The company was eager to clarify that this was not a problem with its software.
“It serves as a reminder of the critical importance that all members of the tech ecosystem must place on operating with safe deployment and disaster recovery through the use of existing mechanisms,” Mr. Weston added.
The IT error has had a massive impact and is already among the worst cyber-incidents in history.
According to the figure provided by Microsoft, it is most likely the biggest cyber-event in history, surpassing all prior intrusions and disruptions.
The 2017 WannaCry cyberattack, which is thought to have affected some 300,000 systems across 150 countries, is the most similar to this. A month later, there was another expensive and disruptive attack known as NotPetya.
2021 also saw a significant six-hour outage at Meta, the company that powers Facebook, Instagram, and WhatsApp. However, that was mainly limited to the social media behemoth and a few affiliated partners.
Cybersecurity professionals and organizations worldwide have also issued warnings as a result of the significant outage regarding a surge in opportunistic hacking attempts connected to the IT disruption.
Cybersecurity organizations in the UK and Australia are alerting the public to be wary of phony emails, phone calls, and websites posing as official.
Additionally, George Kurtz, the CEO of CrowdStrike, advised customers to confirm that they were talking with company representatives in person before downloading any updates.
In a blog post, he stated, “We know that adversaries and bad actors will try to exploit events like this.”
Every time there is a significant development in the news, particularly one involving technology, hackers adjust their current techniques to account for the uncertainty and anxiety.
Researchers at Secureworks report that the number of domain registrations with a CrowdStrike theme has already increased significantly. These are new websites that hackers have registered, appearing official, with the intention of tricking IT managers or the general public into downloading malicious software or disclosing personal information.
Global cyber security organizations have advised IT responders to solely rely on CrowdStrike’s website for information and assistance.
The advise is mostly intended at IT managers, who are the ones who must deal with this as they work to restore the online presence of their organizations.
However, experts are cautioning that people may also be targeted and advise being extremely alert and only acting upon information obtained through legitimate CrowdStrike channels.
ALSO READ : First response from Satya Nadella following the Microsoft outage: “Yesterday, CrowdStrike…”
Pingback: Taiwan suspends flights of Typhoon Gaemi