CrowdStrike reported on Sunday that many of the 8.5 million Microsoft devices affected by a global tech outage that occurred on Friday are now back online and functioning. The outage, linked to a software update, had disrupted services for millions of users worldwide.
Efforts to restore operations have been successful, with a significant number of devices returning to normal. The swift recovery underscores the importance of robust cybersecurity measures and efficient response protocols in mitigating the impact of such widespread outages.
As systems continue to be restored, the focus remains on ensuring stability and preventing future disruptions. The incident highlights the critical need for continuous vigilance and rapid response in the tech industry to maintain service reliability and user trust.
Microsoft announced on Friday that the underlying cause of a global outage has been resolved. However, some Office 365 apps and services continue to experience residual impacts from the cybersecurity outages. The company is working to restore normal operations and fully mitigate any ongoing issues.
The initial outage had widespread effects, disrupting key sectors such as airlines, media, healthcare, and financial services, which also experienced significant impacts around the world. The root cause of the outage was traced to a software update by cybersecurity firm CrowdStrike.
The company’s CEO, George Kurtz, announced that they identified and fixed the update that caused Windows systems to crash globally. Kurtz emphasised that the incident was not a security breach or cyberattack.
As Microsoft continues to resolve these residual impacts, users are advised to remain patient and expect intermittent disruptions until full functionality is restored.
CrowdStrike Holdings Inc. CEO George Kurtz announced that the company has identified and fixed the update that caused Windows systems to crash globally. Kurtz emphasised that the incident was not a security breach or cyberattack. The issue stemmed from CrowdStrike’s Falcon Sensor threat-monitoring product, which coincided with disruptions in Microsoft’s Azure cloud services, leading to widespread IT outages.
CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We…
The outages affected several major companies, including McDonald’s, United Airlines, and the LSE Group, which reported communication issues. KLM had to suspend most flights due to the global computer outage. Despite the swift deployment of a fix, CrowdStrike’s shares fell 16% in premarket trading.
The following incident highlights the interconnected nature of modern IT infrastructure and the far-reaching impact of technical issues. CrowdStrike’s quick response helped mitigate further disruptions, but the event underscores the importance of robust and resilient IT systems.
A widespread cyber outage on Friday disrupted operations across various sectors in Australia and New Zealand. Key industries, including media, retail, banking, airlines, and telecommunications, were affected by issues stemming from cybersecurity firms CrowdStrike and Microsoft. Australia’s largest bank, Commonwealth Bank, faced service interruptions, and national airline Qantas reported flight delays.
Victoria state police experienced internal system disruptions, although emergency services remained operational. The outage also impacted several media companies, with state broadcaster ABC and Sky News Australia reporting significant network failures. According to Australia’s National Cyber Security Coordinator, despite the extensive impact, there was no evidence of a cybersecurity attack.
New Zealand also felt the effects, with parliamentary computer systems compromised. Retail operations were hindered, as evidenced by error messages seen on payment systems at Harris Farm grocery stores in Sydney. The outage was linked to a technical issue with a third-party software platform, causing widespread disruptions, but it is not believed to be the result of a hack.
A major tech outage on Friday disrupted operations across various industries worldwide. Airlines such as American, Delta, and United grounded flights due to communication issues, while airports in Tokyo, Amsterdam, and Berlin reported delays. The disruption extended to financial services, with banks and stock exchanges experiencing significant interruptions. Microsoft’s cloud services and Amazon’s AWS were also impacted, further complicating matters.
The root cause of the outage was traced to a software update by cybersecurity firm CrowdStrike. Their Falcon Sensor software caused Microsoft Windows systems to crash, displaying the notorious ‘Blue Screen of Death.’ CrowdStrike has begun rolling back the problematic update, offering a manual workaround to mitigate the issue. Despite the widespread impact, there was no indication that the outage was due to a cyberattack.
The outage’s ripple effect was felt globally, hitting healthcare and media sectors. Sky News went off air in the UK, and doctors’ booking systems were down. In Australia, telecom companies and banks faced disruptions linked to CrowdStrike’s software issues. As companies work to restore their systems, the global scope of the outage underscores the interconnected nature of modern technology infrastructure.
A US judge has dismissed most of an SEC lawsuit against software company SolarWinds, which accused it of defrauding investors by concealing security weaknesses linked to a Russia-backed cyberattack. Judge Paul Engelmayer ruled that claims against SolarWinds and its chief information security officer, Timothy Brown, were based on ‘hindsight and speculation’ and lacked concrete evidence.
The judge dismissed most claims related to statements made before the cyberattack, except for one regarding a statement on SolarWinds’ website about its security controls. The SEC had alleged that SolarWinds hid its cybersecurity vulnerabilities before the attack and downplayed its severity afterwards. SolarWinds expressed satisfaction with the decision, calling the remaining claim factually inaccurate.
The cyberattack, known as Sunburst, targeted SolarWinds’ Orion software platform and compromised several US government networks, including the Departments of Commerce, Energy, Homeland Security, State, and Treasury. The US government has attributed the attack to Russia, which has denied involvement.
This case, filed last October, was notable for being one of the first where the SEC sued a company that was a victim of a cyberattack without announcing a settlement. It is also rare for the SEC to sue public company executives not closely involved in preparing financial statements.
In Ukraine, several startups are advancing AI systems to enhance drone operations, aiming to gain a technological edge in the ongoing conflict. These AI-enabled drones are designed to tackle increasing signal jamming by Russian forces and operate in larger groups, revolutionising modern warfare. The development includes visual systems for target identification, terrain mapping for navigation, and complex programs enabling drones to work in interconnected swarms.
One notable company, Swarmer, is creating software that links drones into a network, allowing for instant decision implementation across the group, with human intervention limited to green-lighting automated strikes. CEO Serhiy Kupriienko explained that AI can manage hundreds of drones, whereas human pilots struggle with more than five. The system, called Styx, directs reconnaissance and strike drones, both aerial and ground-based, with each drone planning its own moves and predicting the behaviour of others in the swarm.
The need for AI drones is increasing as Electronic Warfare (EW) systems disrupt signals between pilots and drones. AI-operated drones could significantly improve hit rates, countering the current drop in strike success due to jamming. The goal is to develop affordable AI targeting systems that can be deployed en masse along the extensive front line, potentially using low-cost computers like the Raspberry Pi. Such advancements could significantly enhance Ukraine’s military capabilities in the ongoing conflict, as seen with their use of Clearview AI’s facial recognition services.
A recent survey conducted by Nikkei Research for Reuters shows a significant divide among Japanese companies regarding AI adoption. Of the 250 firms that responded, 24% have integrated AI into their operations, while 35% plan to do so. However, 41% have no plans to implement the technology, highlighting varying levels of enthusiasm for AI across corporate Japan. Key motivations for adopting AI include addressing workforce shortages, reducing labour costs, and accelerating research and development.
Despite Japan’s initially laid back approach to AI regulation, several obstacles hinder AI adoption, including employee anxiety over potential job losses, lack of technological expertise, high capital expenditure, and concerns about AI’s reliability. Cybersecurity also emerged as a critical issue, with 15% of respondents experiencing cyberattacks in the past year and 9% reporting attacks on their business partners. To enhance cybersecurity, 47% of firms outsource their defence, while 38% rely on in-house specialists.
The survey also touched on the controversial topic of Japan’s surname law, which mandates that spouses use the same surname. Half of the respondents support changing the law, a move prompted by the Keidanren business lobby’s recent appeal to the government. Supporters argue that the current system undermines individual dignity and freedom, particularly for women, while opponents believe separate surnames could weaken family bonds. Only 14% of firms believe the change would boost employee morale, and 10% think it would aid hiring efforts, with the majority expecting no significant impact on business.
The UK government plans to introduce a Cyber Security and Resilience Bill to enhance national cyber-resilience, as announced in the King’s Speech on 17 July 2024. The bill aims to strengthen defences and protect essential digital services, focusing on critical infrastructure providers and expanding the scope of current regulations.Plans Cyber Security and Resilience Bill to Protect Critical Infrastructure
The new legislation will introduce mandatory ransomware reporting, helping authorities better understand the scale of the threat and alert them to potential attacks. It also grants new powers to regulators and extends the scope of existing regulations to include more digital services and supply chains. This initiative responds to heightened cyber threats, such as recent high-profile cyber-attacks on the NHS and the Ministry of Defence.
According to Stuart Davey of Pinsent Masons, the bill builds on previous efforts to reform the UK’s NIS regime. Dominic Trott of Orange Cyberdefense emphasised the importance of updating the regulatory framework to protect supply chains, a significant threat vector for attackers. Martin Greenfield of Quod Orbis added that the bill would help the Labour government deliver on its promise to boost economic growth.
A separate Digital Information and Smart Data Bill will be introduced, incorporating many measures from the Data Protection and Digital Information Bill, which failed to pass in the last parliament. This move aims to create a more secure and prosperous digital economy.
Senator Chuck Grassley’s office provided the letter to Reuters, stating that OpenAI’s policies appear to prevent whistleblowers from receiving due compensation for their protected disclosures. The whistle-blowers have requested that the SEC fine OpenAI for each improper agreement and review all contracts containing NDAs, including employment, severance, and investor agreements. OpenAI did not immediately respond to requests for comment.
