We Finally Know What Caused the Global Tech Outage - And How Much It Cost
The recent CrowdStrike software glitch caused a global tech outage, crashing computers, canceling flights, and disrupting hospitals. The incident has cost Fortune 500 companies over $5 billion, highlighting the risks of reliance on a single cybersecurity firm.
Insurers have started calculating the financial damage caused by last week’s devastating CrowdStrike software glitch, which crashed computers, canceled flights, and disrupted hospitals globally. This incident, described as the largest IT outage in history, will cost Fortune 500 companies alone more than $5 billion in direct losses, according to an analysis by Parametrix.
The massive outage was triggered by a single automated software update from CrowdStrike, a leading cybersecurity firm. The update, meant for CrowdStrike's Falcon cybersecurity software, caused millions of computers running Microsoft Windows to crash due to a faulty interaction with the operating system.
Key Figures and Impacts
The health care and banking sectors were hardest hit, suffering estimated losses of $1.94 billion and $1.15 billion, respectively. Airlines, including Delta Air Lines, American, and United, collectively lost $860 million. In total, Fortune 500 companies may have lost as much as $5.4 billion in revenues and gross profit. Only a small portion of these losses, about 10% to 20%, may be covered by cybersecurity insurance policies.
Fitch Ratings noted that business interruption, travel, and event cancellation insurance are likely to see the most claims from the outage. This incident highlights the growing risk of single points of failure as companies consolidate to leverage scale and expertise, leading to fewer vendors with higher market shares.
What Went Wrong
CrowdStrike’s preliminary report on the incident reveals that a bug in their cloud-based testing system allowed the flawed update to be released. The issue caused an “out-of-bounds memory read” on Windows devices, leading to system crashes and the infamous Blue Screen of Death. The faulty update, published just after midnight Eastern time on July 19, was rolled back an hour and a half later, but not before millions of devices were affected.
The glitch mainly impacted organizations in Europe and Asia, where the workday was already underway. CrowdStrike has committed to preventing such incidents in the future by implementing new validation checks and adopting a staggered update release approach.
Recovery Efforts and Future Steps
Businesses, particularly Delta Air Lines, are still dealing with the fallout. The Department of Transportation is investigating the impact on airlines. CrowdStrike plans to release a more detailed analysis and is working on measures to give customers more control over updates.
This incident underscores the interconnected nature of the global tech ecosystem and the significant risks associated with software glitches in critical cybersecurity infrastructure.
For further details on the companies and systems involved, visit CrowdStrike and Microsoft Windows.
What's Your Reaction?
