IT problems will take time to fix, says cyber-security firm boss
The boss of cyber-security firm Crowdstrike has admitted it could be "some time" before all systems are back up and running after an update from the company triggered a global IT outage, News.Az reports citing BBC news.
Experts are warning that it could take days for big organisations to get back to normal.Although there is now a software fix for the issue, the manual process required will take a huge amount of work, they said.
The global outage has led to almost 1,400 flights being cancelled, while banking, healthcare and shops have all been affected.
The issue was caused when an update from Crowdstrike caused Microsoft systems to "blue screen" and crash.
The problem piece of software was sent out automatically to the firm's customers overnight which is why so many were affected when they came into work on Friday morning.
It meant their computers could not be restarted.
Writing on X, Crowdstrike chief executive George Kurtz said: "The issue has been identified, isolated and a fix has been deployed."
In an interview on NBC's Today Show in the US, Mr Kurtz said the company was "deeply sorry for the impact that we've caused to customers".
"Many of the customers are rebooting the system and it's coming up and it'll be operational," he said, but added: "It could be some time for some systems that won't automatically recover."
The fix will not be automatic, but what the industry calls a "fingers on keyboards" solution.
Researcher Kevin Beaumont said: “As systems no longer start, impacted systems will need to be started in ‘Safe Mode’ to remove the faulty update.
"This is incredibly time consuming and will take organisations days to do at scale."
Technical staff will need to go and reboot each and every computer affected, which could be a monumental task.
Crowdstrike is one of the biggest and most trusted brands in cyber-security.
It has about 24,000 customers around the world and protects potentially hundreds of thousands of computers.
The wording of Mr Kurtz's statement suggests the overnight update was supposed to be small, describing it as a "content update".
So it was not a major refresh of the cyber-security software. It could have been something as innocuous as the changing of a font or logo on the software design.
Similar news
