Microsoft has reported that a recent software update from cybersecurity firm CrowdStrike caused a global outage, affecting nearly 8.5 million devices.
The tech giant disclosed the incident in a blog post, emphasising that less than 1% of all Windows machines were impacted.
“While software updates may occasionally cause disturbances, significant incidents like the CrowdStrike event are infrequent. We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices, or less than 1% of all Windows machines. While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services,” it said.
Microsoft said that CrowdStrike had developed a solution to expedite a fix for Microsoft's Azure infrastructure. Additionally, it is collaborating with Amazon Web Services and Google Cloud Platform to share information on the industry-wide effects.
The air travel sector experienced substantial disruptions, with thousands of flights cancelled and passengers facing long delays. In response, Australia’s Federal Minister for Cyber Security and Home Affairs Clare O’Neil convened the National Coordination Mechanism (NCM).
“CrowdStrike confirmed they have rolled out an automatic fix for affected customers which is assisting in many cases,” O’Neil said. “This will likely be the last meeting of the NCM on this issue, but agencies will continue to monitor the situation. This incident has underlined the importance of software testing and embedding secure by design principles into software.”
She also warned the public to be cautious of scams exploiting the situation, advising vigilance against fraudulent communications.
“Australians should continue to be alert to any phishing or scams impersonating CrowdStrike or other providers. If you see something suspicious remember: stop, think, protect, and report to Scamwatch to protect your fellow citizens,” she said.
Insurance brokers are anticipating a surge in claims related to the outage.
Marsh, a major brokerage firm, confirmed that clients have informed insurers of their intention to file claims.
“This is absolutely something that is expected to be covered under cyber insurance,” said Meredith Schnur, Marsh cyber practice leader for the US and Canada.
Southern Cross Travel Insurance (SCTI) detailed the provisions for claims stemming from the outage.
“This outage impacted many services including airlines, airports, and other transport providers,” it said. “If you have been affected by this event, we ask that you contact your airline or travel agent in the first instance to make alternative arrangements.”
It said policies bought before 5pm on July 19 may cover costs incurred due to the incident, subject to policy terms and conditions.
Meanwhile, the National Disability Insurance Agency (NDIA) reported that its systems were not impacted by the outage. However, it advised Australians to remain vigilant against potential scams taking advantage of the situation.