‘The worst incident I’ve ever seen’ – BMIT Head of Information Security Services reacts to global outages

On Friday (today), two major outages wreaked havoc across global airlines, businesses and banks. Caused by two issues occurring simultaneously, Head of Information Security Services at BMIT Technologies Christian Bajada remarks that this is the worst incident he’s ever encountered.  

Between late Thursday evening and Friday morning, a Microsoft outage led to large-scale disruptions for those relying on the tech’s software. This includes a number of banks – which locally no impact has as of yet been registered – and airlines across the globe, among others. Indeed, Malta International Airport saw hefty delays on Friday morning as airlines faced delays.

In comments given to MaltaCEOs.mt, Mr Bajada shared that while there were two major issues, the Azure and the CrowdStrike outages, the “biggest and messiest one” was by the latter and were in no way related to each other.

Microsoft Azure is a cloud computing platform with 200 products and cloud services including computing, storage and networking.

Media reports referenced a note on the company’s website where it attributed the Azure outage to a “configuration change in a portion of the Azure backend workloads.”

This has caused interruption between storage and computer resources which resulted in connectivity failures that affected downstream Microsoft 365 services, which is dependent on these connections. This was eventually solved.

Mr Bajada pointed out that when it comes to cloud service providers, it is “normal” for users to experience outages.

“Some are planned, while others are not and only happen incidentally. However, the biggest issue faced in recent hours was prompted by the CrowdStrike outage that impacted Windows machines, but wasn’t prompted by Microsoft itself,” he adds.

CrowdStrike is a cybersecurity application used by different businesses. Mr Bajada noted that like any other cybersecurity application, CrowdStrike is used by different businesses for their machines and computers to detect any issues of malware or threat.

“It is an antivirus with some extra functionality and it is specifically designed to look into the inner happenings of the operating systems. The issue arose when updates were rolled out that caused the machines to crash,” he continues.

He remarks that CrowdStrike are known leaders in the market which has ultimately led people to “blindly trust them.”

“This is not the cheapest option either and many companies look beyond their budget to make sure that they are equipped with the best on the market. However, instances like today only happen because people trusted products and their marketing blindly,” he noted.

Unfortunately, Mr Bajada notes that in this case a lengthy recovery is expected because the outage effectively “bricked” the computers, freezing them from being used.

When computers are rebooted, he adds, the administrators have to manually access the computer and fix it themselves, making the process more tedious and complicated.

“If they are encrypted, which is the best practice, administrators would have to manually enter the keys to access and fix the damage. It is a very messy situation, where one cannot just update the server and return to normal,” he reiterates.

A situation like today’s, prompted Mr Bajada to be reminded of the Y2K concerns. Back in the day, many were concerned that as midnight struck and the year switched to the millennium, software and hardware would fail leading to large-scale disruptions.

“That is exactly what happened today,” Mr Bajada added.

Asked whether business can have an alternative option to prevent such disruptions in the future, Mr Bajada highlighted that it is very difficult to have different options.

However, he emphasises that it is crucial for businesses to make smarter decisions from the outset. “Trust the people you know best. Its all about doing supplier security management whenever you can,” he concluded.

What happened so far?

Ryanair was one of the affected airlines experiencing disruptions. This morning it advised all passengers to arrive at the airport at least three hours prior to the scheduled departure time.

This certainly caused operational and crowd control issues to Malta’s already busy airport during peak season.

In fact, a few moments after the Ryanair comments, Malta International Airport issued a statement warning upcoming customers of delays as a result of disruptions with multiple airlines. It also adviced travellers to check for regular updates.

Malta-based pharmaceutical manufacturer Teva and medical device manufacturer Baxter are both suffering with major disruptions to their internal online systems.

Meanwhile, commenting on the outage on X, CrowdStrike CEO George Kurtz remarked that the firm is actively working with customers impacted by a defect found “in a single content update for Windows host. Mac and Linux hosts are not impacted.”

He reiterated that the outage was not caused by a security incident or a cyberattack.

“This issue has been identified, isolated and a fix has been deployed. We further recommend organisations ensure they’re communicating with CrowdStrike representatives through official channels,” he added.

Social Image: Computers across the globe face the ‘blue screen of death’ / X