Airports, banks and hospitals disrupted by largest IT outage in history

The first problems occurred on July 19, around 3 pm in Sydney (7 am in Paris). At Australia’s largest airport, the information screens had just turned blue: no departure times were displayed. Soon, the machines used to check in passengers broke down one by one. The same problem occurred in Canberra, Perth or Auckland (New Zealand); Jetstar, Virgin Atlantic and other airlines began to cancel flights.

An hour later, what looked like already serious air traffic problems turned out to be even more severe on the eve of one of the biggest crossover weekends of the summer. Australian TV channel ABC briefly disappeared from screens; payment systems at the country’s two major banks failed; and self-service checkouts at several supermarket chains stopped functioning. Australia and New Zealand didn’t know it yet, but they had just suffered what might be the worst computer outage in history.

The traces of network attack have been ruled out

Soon, amid panic and confusion, Australian authorities eased fears: there was no evidence of a cyberattack or malicious operation. On the other hand, in the early hours of French time, the first suspect appeared on a dedicated discussion forum. Internet users complained that their Windows computers were crashing. Testimonies “Blue Screen of Death” （“Blue Screen of Death”), the historical name given on the screen when the system encountered a fatal error, multiplied by . These Internet users (most of whom are network administrators and IT service managers) gradually discovered the extent of the damage as they began to work. One of them counted down: “I’m in Malaysia and 70% of our laptops are broken. The Japanese headquarters has ordered the entire company to shut down.”he wrote. What do these machines have in common? They use a very well-known security tool, sold by the American company CrowdStrike.

In the following hours, as new victims of the outage continued to appear, the clues became clear: the source of the problem was Falcon Sensor, an IT security solution sold by an American company. The stakes were high: CrowdStrike is a major player in the cybersecurity field. Its tools are deployed on the networks of large or very large companies, scanning every unusual activity or every suspicious connection to block attempts at intrusion or data theft. But a recent update released overnight seemed to contain a piece of code that causes serious problems on computers running Windows. On discussion forums, the solution began to be distributed: for each computer, it was necessary to restart the computer, then search for and delete the problematic files.

73.25% of this article remains to be read. The rest is reserved for subscribers.