One small update brought down millions of IT systems around the world. It’s a timely warning

This weekend’s global IT outage caused by a software update gone wrong highlights the interconnected and often fragile nature of modern IT infrastructure. It demonstrates how a single point of failure can have far-reaching consequences.

The outage^[1] was linked to a single update automatically rolled out to Crowdstrike Falcon^[2], a ubiquitous cyber security tool used primarily by large organisations^[3]. This caused Microsoft Windows computers around the world to crash.

CrowdStrike has since fixed the problem on their end. While many organisations have been able to resume work now, it will take some time for IT teams to fully repair all the affected systems – some of that work has to be done manually.

How could this happen?

Many organisations rely on the same cloud providers and cyber security solutions. The result is a form of digital monoculture.

While this standardisation means computer systems can run efficiently and are widely compatible, it also means a problem can cascade^[4] across many industries and geographies. As we’ve now seen in the case of CrowdStrike, it can even cascade around the entire globe.

Modern IT infrastructure is highly interconnected and interdependent. If one component fails, it can lead to a situation where the failed component triggers a chain reaction^[5] that impacts other parts of the system.

As software and the networks they operate in becomes more complex, the potential for unforeseen interactions and bugs increases. A minor update can have unintended consequences and spread rapidly throughout the network.

As we have now seen, entire systems can be brought to a grinding halt before the overseers can react to prevent it.

How was Microsoft involved?

When Windows computers everywhere started to crash with a “blue screen of death” message, early reports stated the IT outage was caused by Microsoft.

In fact, Microsoft confirmed^[6] it experienced a cloud services outage in the Central United States region, which began around 6pm Eastern Time on Thursday, July 18 2024.

This outage affected a subset of customers using various Azure services. Azure^[7] is Microsoft’s proprietary cloud services platform.

The Azure outage had far-reaching consequences, disrupting services across multiple sectors, including airlines^[8], retail^[9], banking and media. Not only in the United States but also internationally in countries like Australia and New Zealand. It also impacted various Microsoft 365 services, including PowerBI, Microsoft Fabric and Teams.

As it has now turned out, the entire Azure outage could also be traced back to the CrowdStrike update^[10]. In this case it was affecting Microsoft’s virtual machines running Windows with Falcon installed.

References

1. ^{^} outage (www.abc.net.au)
2. ^{^} Crowdstrike Falcon (www.crowdstrike.com)
3. ^{^} used primarily by large organisations (theconversation.com)
4. ^{^} a problem can cascade (en.wikipedia.org)
5. ^{^} chain reaction (www.sciencedirect.com)
6. ^{^} Microsoft confirmed (gulfbusiness.com)
7. ^{^} Azure (azure.microsoft.com)
8. ^{^} airlines (www.reuters.com)
9. ^{^} retail (nypost.com)
10. ^{^} traced back to the CrowdStrike update (gulfbusiness.com)
11. ^{^} the others can continue (devops.com)
12. ^{^} their business continues to operate (pretius.com)
13. ^{^} failover (www.techtarget.com)
14. ^{^} how to respond when outages occur (employsure.com.au)
15. ^{^} Carrington Event (en.wikipedia.org)
16. ^{^} Solar storms that caused pretty auroras can create havoc with technology — here’s how (theconversation.com)
17. ^{^} undersea fibre optic cables (theconversation.com)