- author, Joe Diddy
- stock, Cyber Correspondent, BBC News
Microsoft estimates that 8.5 million computers worldwide have been disabled by global IT outages.
This is the first time a number has been put to the incident, which continues to cause problems around the world.
The glitch came from a cyber security company called CrowdStrike, which sent out a corrupted software update to many of its customers.
Microsoft said in a blog post to help customers recover: “We estimate that the update to CrowdStrike affected 8.5 million Windows devices.”
A post by David Weston, the company’s vice president, enterprise and OS, said the number is less than 1% of all Windows computers worldwide, but the “wider economic and social implications reflect the use of CrowdStrike by many organizations for critical services”.
Since many have performance telemetry through their Internet connections, the company can tell more precisely how many devices were disabled by the outage.
The incident highlights how important it is for companies like CrowdStrike to apply quality control tests before the tech giant – which is keen to point out that it’s not a problem with its software – sends out updates.
“It’s a reminder to everyone in the technology ecosystem how important it is to prioritize working with secure deployment and disaster recovery,” Mr Weston said.
The fallout from the IT breach was massive and already one of the worst cyber incidents in history.
The number provided by Microsoft means that this is the biggest cyber incident ever, eclipsing all previous hacks and outages.
Closest to this is the 2017 WannaCry cyber attack that affected 300,000 computers in 150 countries. A month later a similarly costly and disruptive attack called NotPetya occurred.
Meta, which operates Instagram, Facebook and WhatsApp, had a six-hour strike in 2021. But it was mostly with the social media company and some affiliate partners.
The massive outage has also prompted warnings from cyber security experts and agencies around the world about a wave of opportunistic hacking attempts linked to IT outages.
Cyber agencies in the UK and Australia are warning people to be aware of fake emails, calls and websites pretending to be official.
CrowdStrike President George Kurtz encouraged users to make sure to talk to the company’s official representatives before downloading fixes.
“We know that adversaries and bad actors will try to exploit such events,” he said in a blog post.
Whenever there is a major news event, especially one connected to technology, hackers respond by adapting their existing methods to account for fear and uncertainty.
According to researchers at Secureworks, there has already been a sharp rise in CrowdStrike-themed domain registrations — hackers can register new websites created to look official and trick IT managers or the public into downloading malicious software or handing over personal information.
Cyber security agencies around the world have urged IT responders to use only the CrowdStrike website for information and assistance.
This advice is mainly for IT managers who are struggling to get their organizations back online.
But individuals can also be targeted, so experts warn to be more vigilant and act only on information from official CrowdStrike channels.