A glitch in the software update of CrowdStrike’s Falcon Sensor knocked out several Windows computers and servers around the world, sending them through a bootloop featuring a blue screen of death.
- The Update: It was part of the Falcon Sensor’s endpoint threat detection and response product developed by CrowdStrike, an Austin, Texas-based cybersecurity firm.
- Impacted Cloud Service: Microsoft’s Azure cloud service faced the outage, while other cloud service providers, like Google Cloud or Amazon Web Services (AWS), did not suffer any outage; both of them built their cloud platforms on Linux.
- Recovery of Affected Systems: A manual, four-step recovery process was instituted to fix affected systems, as computers and servers need to boot completely to download the fixed software.
- The Indian Computer Emergency Response Team, CERT-In, has issued a severity rating of “Critical” for the incident.
What are CrowdStrike and the Falcon Sensor Platform
- CrowdStrike is a cybersecurity firm that deploys a unified security programme to stop breaches in real time.
- The Falcon Sensor platform: It runs with high privileges and is built to protect endpoints (basically, any device connected to a computer network).
- A mishap in this security platform can cause the operating system to crash, as in the Blue Screen of Death (BSOD) outage reported the world over.
- Boot Loop Cycle: Once the BSOD flashes on a user’s screen, they will be caught in a boot loop cycle, which simply means that they won’t be able to access their devices linked to CrowdStrike’s Falcon platform.
Probable Cause of the Fault
- Human Error: A developer may have downloaded an update without sufficient quality control.
- Cyberattack: It can also be a result of a deep cyberattack, prepared ahead of time and involving an attacker activating a “doomsday command” or “kill switch”.
- Incompatibility: The software update made by CrowdStrike could have conflicted with the changes introduced in the latest Windows update.
Impact of the Outage Worldwide
Downdetector recorded spiking outage reports from different parts of the world, with complaints surrounding Microsoft’s login, Outlook, server, and app experiences.
- Widespread Range: The outage seriously impacted a wide range of Microsoft’s users, from airports, airlines, financial institutions, and hospitals down to office workers and casual Internet users trying to log into their Microsoft apps or devices.
- Collapse of Airports’ Digital Systems: Flights were briefly grounded in the United States and in India, airlines started checking passengers in manually at airports, issuing handwritten boarding passes as blue error screens took over flight information display boards.
- IndiGo alone reported cancellation of at least 283 trips on Friday and Saturday due to the outage.
- The Union government’s e-Office suite for processing files and paperwork was also impacted for two hours.
- Traders and investors in India complained that their transactions were not being processed, as brokerages and stock exchanges were also hit severely.
- Hospitals: Some hospitals also reported disruptions, with concerns that patient data could be lost, while their crucial treatments might be delayed.
About Blue Screen Of Death (BSOD)
- Officially referred to as the “Stop Error”, it is a warning which is issued when a critical problem forces Windows to reboot. The warning which is displayed on the blue screen can be seen on the computer when the system interrupts operations.
- Minidump: Before rebooting the system, the Windows operating system saves a file on the computer, carrying some data about the error. This file is called a ‘minidump’ and is crucial in determining the cause of the error.
- Causes:
  - Improperly installed, damaged, or aging hardware: BSOD warnings can be a result of problems in hardware systems (hard disk drive (HDD), solid-state drive (SSD), motherboard, or other physical components).
  - Buggy or incompatible software, like apps or programs which may not have been integrated properly with the system.
  - Malware or spyware: Malware injected by threat actors could also corrupt system files in a computer, causing it to show the Blue Screen of Death.
  - Overheating: It can also result from overheating, especially if you’re experiencing other issues, like a loud computer fan or a Task Manager showing 100% disk usage.