How CrowdStrike took the world offline

Computers around the world failed on Friday, paralyzing businesses and shutting down everything from airlines and television networks to emergency and hospital services.

Cybersecurity firm CrowdStrike (CRWD) said a bug in one of its software updates for Microsoft’s (MSFT) Windows had disabled the systems.

The incident threw companies and government agencies around the world into chaos as they were unable to access computer programs needed to continue operations.

New York’s Memorial Sloan Kettering Cancer Center announced it was suspending the start of any new procedures requiring anesthesia while airlines, including Delta (DAL) and American Airlines (AAL), were forced to suspend flights. The UK’s Sky News network was unable to broadcast live news, JPMorgan bankers were unable to log into their systems, and 911 services in Alaska went offline.

The cascade of failures across such a wide range of organizations has left some wondering how a single update could bring down so many companies and agencies in such a short time.

The problem, however, is a direct result of the way our current Internet infrastructure works.

The web is powered by several major players, including Microsoft, Amazon (AMZN), and Google (GOOG, GOOGL). But beyond them are smaller, but no less important, companies that connect their software to the platforms of these technology giants. CrowdStrike offers, among other things, cybersecurity programs for Windows that companies access through the cloud.

Because many organizations rely on Windows — and because CrowdStrike has become a major player in the cybersecurity space — a large number of major enterprises, government organizations, and financial institutions use both companies’ software platforms.

When CrowdStrike released an update to its software, companies using Windows systems began experiencing errors, leading to outages.

“Updates happen an incredible number of times every day,” explained Gregory Falco, assistant professor of mechanical and aerospace engineering and systems engineering in the Sibley School Program at Cornell University. “Most of them you don’t notice. Some of them are annoying, when things slow down or you have to restart your computer.

“But then,” he added, “sometimes these updates don’t work as expected.”

Cybersecurity is an integral part of any company that does business over the Internet. Hackers are constantly looking for flaws in systems, and cybersecurity companies like CrowdStrike continually release updates to address potential flaws these hackers may miss.

The story continues

In the meantime, companies will apply updates as quickly as possible to ensure their systems are as secure as possible against potential attacks. And because the CrowdStrike update was released so quickly, every organization using its software was hit by the same bug at the same time.

Said Benjamin Lee, professor of informatics and information science at the University of Pennsylvania: “Any computer system that does not install the update will be at risk of attack with a known vulnerability. That’s why so many companies, financial firms and other organizations installed – at exactly the same time – this CrowdStrike software update and suffered the consequences.”

It was this combination of a small number of companies running the Internet and companies needing to keep their cybersecurity software up to date at all times that pushed millions of computers to their breaking point on Friday.

CrowdStrike has released a fix for its software and is actively rolling it out to customers. But that doesn’t mean all businesses will come back online immediately.

“Due to the way the update was implemented, recovery options for affected machines are manual and therefore limited,” explained Forrester principal analyst Andras Cser. “Administrators should connect a physical keyboard to each affected system, boot into Safe Mode, remove the compromised CrowdStrike update, and reboot.”

In other words, it may take some time for the entire outage to be fully resolved.

For now, IT administrators around the world will be working day and night to get their systems back up and running. As for the average person, there is nothing to do but sit and wait. And unless Internet companies drastically change the way they operate, something like this will inevitably happen again.

Email Daniel Howley at dhowley@yahoofinance.com. Follow him on Twitter at @DanielHowley.

Click here for the latest technology news that will impact the stock market.

Read the latest financial and business news from Yahoo Finance