Microsoft says CrowdStrike IT incident affected 8.5 million Windows devices
Microsoft said it estimates that 8.5 million computers worldwide have been disabled due to the global IT outage.
This is the first time a figure has been put on the incident that is still causing problems around the world.
The incident stemmed from a cybersecurity company called CrowdStrike sending out a faulty software update to a large number of its customers.
Microsoft, which is helping customers recover, said in a blog post: “We currently estimate that the CrowdStrike update has impacted 8.5 million Windows devices.”
The post, by David Weston, the company’s vice president of enterprise and operating systems, said the figure represents less than 1% of all Windows-based computers worldwide, but “the far-reaching economic and social impact reflects the businesses that use CrowdStrike to run many critical services.”
The company can determine very precisely how many devices were disabled by the outage because it can monitor the performance of many devices through their internet connections.
The tech giant — which has been keen to stress that this is not an issue with its own software — said the incident highlights the importance of companies like CrowdStrike quality-testing updates before sending them out.
“It’s also a reminder of how important it is for all of us in the technology ecosystem to prioritize operations with secure deployment and disaster recovery using existing mechanisms,” said Mr. Weston.
The consequences of this IT incident were huge, making it one of the worst cyber incidents in history.
The figure Microsoft gave means this could be the largest cyber event ever, surpassing all previous attacks and outages.
The closest thing to this was the 2017 WannaCry cyberattack, which affected an estimated 300,000 computers in 150 countries. A similarly costly and disruptive attack called NotPetya followed a month later.
There was also a major six-hour outage in 2021 at Meta, which operates Instagram, Facebook, and WhatsApp. But that was largely limited to the social media giant and a few affiliate partners.
This widespread outage also prompted cybersecurity experts and agencies around the world to warn of a wave of cyber attacks linked to IT outages.
Cyber security agencies in the UK and Australia are warning people to be wary of fake emails, calls and websites that appear to be official sites.
And CrowdStrike head George Kurtz encourages users to make sure they’re talking to an official company representative before downloading the fix.
“We know that adversaries and bad actors will try to exploit events like this,” he said in a blog post.
Whenever there is a major news event, especially one involving technology, hackers respond by adapting existing methods to account for fear and uncertainty.
According to researchers at Secureworks, there has been a sharp increase in CrowdStrike-themed domain registrations — hackers register new websites that look like official ones and potentially trick IT managers or the public into downloading malware or giving up personal information.
Cybersecurity agencies around the world have urged IT responders to use only CrowdStrike’s website for information and assistance.
This advice is primarily intended for IT managers who are affected by this incident as they try to get their organizations back up and running.
But individuals can also be targeted, so experts warn people to be extremely vigilant and only act on information from official CrowdStrike channels.