- author, Joe Diddy
- stock, Cyber Correspondent, BBC News
Microsoft estimates that 8.5 million computers worldwide have been disabled by global IT outages.
This is the first time a number has been put to the incident, which continues to cause problems around the world.
The glitch came from a cyber security company called CrowdStrike, which sent out a corrupted software update to many of its customers.
In a blog post to help customers recover, Microsoft said: “We currently estimate that an update to CrowdStrike has affected 8.5 million Windows devices.”
The post by David Weston, the company’s vice president, enterprise and OS, said the number is less than 1% of all Windows computers worldwide, but the “wider economic and social implications reflect the use of CrowdStrike by many organizations for critical services”.
Since many have performance telemetry through their Internet connections, the company can tell more precisely how many devices were disabled by the outage.
The incident highlights how important it is for companies like CrowdStrike to apply quality control tests before the tech giant – which is keen to point out that it’s not a problem with its software – sends out updates.
“It’s a reminder to everyone in the technology ecosystem how important it is to prioritize working with secure deployment and disaster recovery,” Mr Weston said.
The fallout from the IT breach was massive and already one of the worst cyber incidents in history.
The number provided by Microsoft means that this is the biggest cyber incident ever, eclipsing all previous hacks and outages.
Closest to this is the 2017 WannaCry cyber attack that affected 300,000 computers in 150 countries. A month later a similarly costly and disruptive attack called NotPetya occurred.
Meta, which operates Instagram, Facebook and WhatsApp, had a six-hour strike in 2021. But that’s mostly down to social media companies and some affiliate partners.
The massive outage has also prompted warnings from cyber security experts and agencies around the world about a wave of opportunistic hacking attempts linked to IT outages.
Cyber agencies in the UK and Australia are warning people to be aware of fake emails, calls and websites pretending to be official.
CrowdStrike President George Kurtz encouraged users to make sure to speak with the company’s official representatives before downloading fixes.
“We know that adversaries and bad actors will try to exploit such events,” he said in a blog post.
Whenever there is a major news event, especially one connected to technology, hackers respond by adapting their existing methods to account for fear and uncertainty.
According to researchers at Secureworks, there has already been a sharp rise in CrowdStrike-themed domain registrations — hackers can register new websites created to look official, trick IT managers or the public into downloading malicious software or handing over personal information.
Cyber security agencies around the world have urged IT responders to use only the CrowdStrike website for information and assistance.
This advice is mainly for IT managers who are trying to get their organizations back online and are affected by this.
But individuals can also be targeted, so experts warn to be more vigilant and act only on information from official CrowdStrike channels.