Airlines, Government services, Microsoft services, banking and national health services were just some of the sectors affected by a global IT outage today. Initially, Microsoft seemed to blame but quickly, CrowdStrike was fingered as causing the mass crash of Windows devices. The scale of the crash could be one of the biggest in history.

CrowdStrike makes anti-virus software and one of its programs, Falcon, had an update issued that caused Microsoft devices to crash. While not specifying what exactly went wrong, George Kurtz, CEO and Founder of CrowdStrike said a ‘defect’ in the update patch was to blame.

He added: “The issue has been identified, isolated and a fix has been deployed.”

Emphasising that this wasn’t a virus or hack attack, he said other operating systems weren’t affected. Nonetheless, with many Microsoft based systems crashed, it could take some time to restore services given the scale of the incident.

Ryanair, VISA, Ladbrokes, Tesco, the National Health Service (UK), airports around the globe (US, Australia, Europe, South America) and some rail services all suffered outages with many services cancelled. The worst affected countries seemed to be Australia and European countries. The US Department of Homeland Security said it was working with CrowdStrike and Microsoft along with state agencies to fully assess the services that had been affected. 911 was down in some states. Over 2,000 flights in the USA alone were cancelled. The US Justice Department said in an internal memo that it was seeing some of its services being affected and warned employees that “(it) is significant and there is currently no estimated restoration time.”

Kurtz, in an interview with NBC blamed a bug in the software update that caused an issue with the Microsoft Operating System. “We have to go back and see what happened here,” he said, “our systems are always looking for the latest attacks from adversaries that that are out there.”

Denying it was a cyber-attack of any sort, he said “It wasn’t a cyber attack. It was related to this, this content update.”

The odds at the moment look like it was a human coding error. How much that will affect data stored is anyone’s guess but a lot of it will come down to the backup systems in place for each operator. If company IT departments are not familiar with starting up the whole system of a global company, that can span many departments (in different countries) that takes in everything from server support to database engineers.

It could be a case that the software fix cannot be applied because systems just won’t boot up due to the previous faulty update. Something similar to a crash and reboot only to crash again, akin to Window’s blue screen of death. In that case, IT has to figure out how to apply the patch with the system in safe mode, reboot, test and then go to production mode again. That takes time. Toss in that this anti-virus software may have been deployed across hundreds (thousands?) of terminals in a company and the complexity of it explodes very fast. You might get the server back up running but if company laptops are also running Falcon then you have to go configure each one of them also. Expect a day of outage if it is just servers being affected or if this anti-virus is deployed across laptops, two days.

*EDIT* This seems to be affecting not just servers but laptops and end terminals company wide. The solution requires a hard boot into safe mode, deleting the old patch and rebooting. For end users not tech savy, this means IT admins will have a busy weekend, attempting to patch everything before Monday.

They’ll be a lot of pressurised IT departments praying their systems are robust enough to re-instate where they left off.

A map from Thousand Eyes shows the scale of the outages worldwide;