Connect with us

Tech

Timeline: How the CrowdStrike outage unfolded | CNN Business

Published

on

Timeline: How the CrowdStrike outage unfolded | CNN Business


New York
CNN
 — 

A global software outage Friday brought many computer systems across business, healthcare, technology and government sectors to a screeching halt in under 12 hours.

How did the crash unfold? Which systems have recovered, and which ones are still affected? We break it down. (All times Eastern Time.)

Late Thursday night and early Friday, 911 centers and transportation services are disrupted

Overnight on Thursday and into Friday, several states, including Alaska and Arizona, experience 911 service outages. Some hospitals also begin experiencing technology issues overnight, according to nurses on shift.

Between 2 and 3 a.m., the Federal Aviation Administration announces that all Delta and American Airlines flights are grounded. Several minutes later, the FAA says flights from United and Allegiant Airlines have been grounded regardless of their destination.

Spirit Airlines says its flight reservation system has also been affected by the outage.

A few hours later, between 5 and 6 a.m., public transit systems in the Northeast begin announcing that they have been impacted. Washington, DC, public transportation services — including trains and buses — begin experiencing delays, according to the Washington Metropolitan Area Transit Authority.

In New York City, the Metropolitan Transportation Authority, North America’s largest transportation network, says customer information systems have gone temporarily offline, but train and bus services remain unaffected.

At 5:30 a.m., US cybersecurity firm CrowdStrike tells customers that it was “aware of reports of crashes” of its software on Microsoft Windows operating systems, according to a company advisory viewed by CNN. CrowdStrike’s cybersecurity software — used by numerous Fortune 500 companies — detects and blocks hacking threats.

Between 6 and 7 a.m., the White House investigates and global banks report issues

Between 6 and 7 a.m.: A White House National Security Council spokesperson tells CNN they are “aware of the incident and are looking into the issue and impacts.” A White House source familiar with the matter tells CNN there are no indications at this time of malicious activity, though the administration is still investigating.

Global banks start reporting some service disruptions, including Australia’s Commonwealth Bank, South Africa’s Capitec, and the Bank of Israel. Australian lenders ANZ and Westpac were also impacted, according to Downdetector, a website that tracks cyber outages. Downdetector has also reported issues for New Zealand’s ASB Bank.

Portland Mayor Ted Wheeler issues an emergency declaration in response to the outage that affected Bureau of Emergency Communication’s Computer Aided Dispatch system that is used for fielding emergency calls. The bureau begins taking calls manually, according to the mayor’s office.

Meanwhile, United Airlines announces that it is resuming “some flights.”

Between 8 and 9 a.m., some flights resume but airports brace for a busy day

Delta Air Lines resumes some flight departures and issues travel waivers to affected customers.

A spokesperson for Atlanta’s Hartsfield Jackson International Airport said that systems were operational and the airport put in place additional customer service personnel to address the challenges they’re facing.

The spokesperson urged customers to “have patience. We’re trying to have grace and patience with all of the passengers. We’re asking the same.”

Later Friday morning, Charlotte Douglas International Airport, an American Airlines hub, advises passengers to not go to the airport “unless they have confirmed their flight information with the airline.” Officials at Miami International Airport, another American Airlines hub, likewise warn travelers that US Customs and Border Protection operations have been affected nationwide, “so international passenger arrivals are currently being processed manually at a slower pace.”

Between 9 a.m. and noon, federal agencies get involved and Biden is briefed

A little before 9 a.m., Alaska State Troopers and Phoenix Police Department in Arizona say that service at its 911 centers are once again operational after emergency and non-emergency call centers were impacted.

Portland’s Computer Aided Dispatch system also comes back online at 9 a.m.

“At no time was the community’s ability to make 911 calls impacted,” the mayor’s office says in a news release. “The critical, life-saving services of public safety bureaus, including Police and Fire & Rescue, continue.”

The Federal Communications Commission announces it is working with federal agencies to provide assistance and determine the extent of the outage after it was made aware of “reports of a systems outage causing disruptions in service, including 911.”

President Joe Biden is briefed on the CrowdStrike outage and his team is in touch with CrowdStrike and impacted entities, says a White House official. The president’s team is also engaged with agencies “to get sector by sector updates throughout the day and is standing by to provide assistance as needed,” according to the official.

Around this time, an increasing number of federal agencies begin getting involved and reporting service disruptions. The US Department of Homeland Security says in a statement on X they are “working with CrowdStrike, Microsoft and our federal, state, local and critical infrastructure partners to fully assess and address system outages.”

Social Security offices close to the public, as the agency warns the public that “longer wait times on our national 800 number are expected.”

In an internal memo viewed by CNN, the US Department of Justice says it is feeling some impact from the technology outage and, while it’s working on workarounds, notes it does not have an “estimated restoration time.”

Mail carriers UPS and FedEx tell CNN they were also impacted by the outage. UPS says its airline is operational and its drivers are on the roads, but there may be some service delays.

A little after 11 a.m., CrowdStrike CEO George Kurtz says in a post on X, the firm “(understands) the gravity of the situation and are deeply sorry for the inconvenience and disruption,” adding that the incident was not a cyber attack, and that customers’ data remains protected.

“The issue has been identified and a fix has been deployed,” he said. “There was an issue with a Falcon content update for Windows Hosts.”

Late morning through early afternoon: canceled doctors and DMV appointments

The Massachusetts Department of Transportation announces that some Registry of Motor Vehicle operations are impacted. Other states also report impacts to their driving services, including Georgia, North Carolina, Texas and Tennessee.

Around the same time, several of the nation’s healthcare and hospital systems announce they have been impacted by the global outage, including Mass General Brigham hospital system in Massachusetts, Penn Medicine in Pennsylvania, Northwell Health in New York, and Emory Healthcare in Atlanta.

While some hospitals report delays in services, others cancel some non-urgent surgeries and medical office visits. Several cancer centers, including Dana-Farber Cancer Institute in Boston and New York’s Memorial Sloan Kettering Cancer Center say they have paused certain procedures and scheduled appointments.

In British Columbia, the Provincial Health Services Authority (PHSA) announces its health system has been impacted, and is working on implementing contingency plans in order to ensure care for patients.

Around 4 p.m., New York Blood Center, a supplier of blood to approximately 200 hospitals in the Northeast United States, says it has put in place an emergency driving operation to distribute blood.

“The test tubes are not making it onto planes from yesterday and today, requiring for us to drive them,” New York Blood Center’s senior vice president Andrea Cefarelli told CNN in a phone call. “There is going to be a 12-24 hour delay in getting the test results.”

Blood Centers of America, which rely on shipping companies like FedEx, says it is experiencing delays in reporting test results. Executive Vice President Jenny Ficenec says blood usage may be down due to hospitals canceling elective surgeries, so the delay should not cause any shortages unless the problem persists.

Blood Assurance, which provides blood to hospitals in a number of Southeast states, including Tennessee, Georgia, North Carolina and Virginia, says its planned shipment of at least 20 platelets has been postponed due to flight delays and cancellations caused by the outage.

“We are asking community members to help through donation,” Blood Assurance says in an email to CNN. “We have a fantastic community of donors that always shows up when we need them.”

Meanwhile, CrowdStrike CEO Kurtz takes to social media again and promises customers “full transparency” on how the global IT outage involving the company’s software occurred.

CrowdStrike would take steps “to prevent anything like this from happening again,” according to a statement on the company’s website.

In a statement Saturday morning, Microsoft estimates the outage affected 8.5 million Windows devices.

That’s less 1% of all Windows machines, according to Microsoft, but the company adds that “the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services.”

Various sectors are still feeling the aftershocks of the outage. Although airlines have largely resumed services, many tell customers that they expect disruptions in schedules to continue.

As of noon on Saturday, at least 3,375 flights across the United States have been delayed and more than 1,200 canceled, according to data from flight tracker FlightAware. Atlanta’s Hartsfield-Jackson International Airport, the nation’s busiest airport, remains the most affected. Delta Air Lines has canceled more than 500 flights, while United Airlines has canceled almost 300, according to FlightAware.

Continue Reading
Click to scroll the page