Crowdstrike and Microsoft: What we know about global IT outage

primetime · July 19, 2024, 1:33pm

In case anyone hasn’t heard of this yet.

Long-TimeLurker · July 19, 2024, 2:07pm

The article I was sent is paywalled, but 12ft is an Amazing site to get around that.

UPS and FedEx warn of potential delivery delay after global tech outage

Package delivery firm UPS (NYSE:UPS) notified its customers of a potential delay in delivery of their packages after a massive IT outage affected systems around the world, impacting operations across industries in banking, healthcare, media, and travel.

“While the UPS network is operating and delivering in all areas, there is a potential for delivery delays due to a global technology outage. Contingency plans are in place to help ensure that shipments arrive at their final destinations as quickly as possible,” UPS said in a service alert notification on their website.

FedEx (NYSE:FDX) was not spared either from the outage and warned customers in a similar tone as its main rival. The company said it “experienced substantial disruptions” throughout its networks.

Chaos across businesses ensued after CrowdStrike (CRWD) released an update for computers running Microsoft’s (MSFT) Windows operating system. The cybersecurity firm said its “Falcon Sensor” made Windows OS crash and display a blue screen known as the “Blue Screen of Death.”

Wedbush analyst Dan Ives calls the incident a “major black eye” for CrowdStrike. Although not a cyber attack, the magnitude of the outage caused CEO George Kurtz to apologize for the inconvenience, which caused delays at airports, financial transactions failing, and disruptions in TV broadcasting, among other things. The issue is mostly resolved, but the residual impact of the outage remains.

primetime · July 19, 2024, 2:18pm

The bridge and tunnel from Detroit to Canada are affected. And the BBC article mentions a large port in Poland so probably others are also impacted.

Spellcheck?

spellcheck did not recognize Poland?? Odd. (IOS Safari)

Sundance · July 19, 2024, 3:34pm

mostly resolved? black eye?

Heads need to roll

I know our Volusion website is still down https://status.volusion.com/

Long-TimeLurker · July 19, 2024, 3:43pm

ArsTechnica spotted a post that notes that the CEO of CrowdStrike was CTO of McAfee in April 2010 when they sent out an update that deleted a Windows XP file that caused outages and system-by-system file repair.

We’ve received an update from our FedEx account manager that most services and locations are operating as normal. Some delays may be experienced. They’re currently working on getting impacted locations back to normal. They helpfully provided that update 16 whole minutes before the mass email sent by FedEx to their users.

Pepper_Thine_Angus · July 19, 2024, 3:56pm

This is a 100% CrowdStrike Issue. Nothing to do with Microsoft just to clear the air a little

Long-TimeLurker · July 19, 2024, 4:38pm

CrowdStrike fixes start at “reboot up to 15 times” and get more complex from there

IT workers around the globe deserve some sympathy today.

TEXASEXILEBOOKS · July 19, 2024, 5:00pm

Not the ones from AMAZON!!! Their one-size fits-all-thinking is so skewed. Make mistakes each day-and never bother to correct them…

GGX · July 19, 2024, 5:00pm

This is slightly debatable. The fact the windows OS is brickable by a 3rd party update is problematic. But windows having security flaws/vulnerabilities is nothing new.

Lost_My_Marbles · July 19, 2024, 5:05pm

We find this very interesting after 1) Microsoft Windows update in June shut down all Roland engravers and any engraving machine (driver issues), 2) a kernel update took out all of the sites on our web host and now 3) this Crowdstrike update issue.

Cutting corners and not double checking?

.

When a young programmer learns the hard way?

Dogtamer · July 19, 2024, 5:09pm

Thank you!

We’re gonna need it; all of our hospital clients using Falcon went down…

papy · July 19, 2024, 5:36pm

There’s resolution, and then there’s recovery. Recovery is the problem now, and it’s HUGE.

These details from a tech friend:

Assuming you’ve paid for remote access, you can do all the following remotely. If not, someone has to physically touch the machine…
1. Reboot. Wait and see if it gets the update before it crashes.
2. If not, reboot to safe mode, and login.
3. Find the bad file and delete it.
4. Reboot

Then you can recover disks/processes that may have been corrupted by the system going down hard.

And that’s if it’s on-prem hardware.

*If it’s cloud-based and and the reboot didn’t fix it: *
1. Launch a new VM
2. Detach the boot drive from the original and attach it as a secondary drive to this temp VM
3. Go in and delete the file
4. Re-attach the drive to the original VM
5. Boot the original VM

Oh, and if it’s in a domain you may not have working local credentials… So you gotta boot off a USB or CD with recovery tools.

It’s so widespread because cyber insurance requires crowd strike or equivalent software to even qualify for coverage.

(VM=virtual machine)

Pepper_Thine_Angus · July 19, 2024, 5:55pm

3rd party security update. Security software is a different beast.

Same thing can happen to Linux or MacOS

lake · July 19, 2024, 6:27pm

Although this is a blackeye for Crowdstrike, there is much more blame to go around.

It was well known since the early 1960’s that secure networking was not possible without network technology that was secure, and operating systems that were secure.

The Department of Defense never used Arpanet for any functions which required security or were mission critical. It was toy for use mostly by academics.

It has other technology for secure applications.

The Internet was built on Arpanet because it existed and required no royalty payments.

The user community, put applications on the Internet which required security when there was none. Why, because secure connectivity was expensive because it could not be shared and be secure.

All of the security breaches and their effects cause unbounded damage.

Crowdstrike’s products add more software to fail, and does not eliminate all chances of a security breach.

We are all so deeply dependent on the Internet and going to continue to experience breaches and failures forever.

papy · July 19, 2024, 10:22pm

1 HOUR AGO

Amazon warehouses and internal software disrupted by outage

Some Amazon warehouses in the U.S. were grappling with disruptions set off by the global IT outage.

Three Amazon warehouse staffers said the outage took down an app used by employees to manage their schedules and submit time off requests, called A to Z, early Friday morning, though it has since been restored in some areas. The employees asked to remain anonymous because they weren’t authorized to speak publicly about the situation.

The outage also disrupted some Amazon employees’ ability to access an internal service called “Anytime Pay,” which allows staffers to withdraw earnings before their next paycheck. “Anytime Pay is unavailable due to a global outage impacting users to access internal IT services,” according to a notice on Amazon’s internal payroll site for warehouse staffers, which was viewed by CNBC.

At some sites, operations were briefly halted. An Amazon warehouse worker in South Carolina, who asked to remain anonymous, said their site passed the time by performing karaoke in exchange for “cola cash,” or credits that can be used to purchase snacks and drinks at the facility.

The disruptions also touched Amazon’s trucking operations. Truck drivers who use Relay, a platform that lets them book jobs moving Amazon cargo, said they were briefly unable to pick up loads at Amazon warehouses due to system issues.

“Everything was bluescreened,” said Dwight Evitt, a truck driver in San Marcos, Texas.

Representatives from Amazon didn’t respond to requests for comment.

— Annie Palmer

papy · July 19, 2024, 10:25pm

booknut7 · July 19, 2024, 10:25pm

Well no wonder the A-Z situation is so messed up!

joebcrafts · July 19, 2024, 11:34pm

Let’s just slide this update in right here and…
Jenga Jenga Blocks GIF

Trying to recover: Oh crap… what did that stack look like.

papy · July 19, 2024, 11:39pm

They are on hour 12 of recovery and counting…