Windows TCO: Cracking, Windows Catastrophe, and Microsoft's Global Outage (Azure Also)

posted by Roy Schestowitz on Jul 21, 2024

• La Prensa Latina ☛ Microsoft’s global failure with no major impact on Panama

  The Presidency also indicated that based on informations from the Civil Aeronautical Authority, the air navigation system does not use Microsoft 365 platform, so the worldwide affectation only had a local impact on the airlines’ check-in systems.

  Claudio Dutary, operations manager of the main air terminal and recurrent regional hub, affirmed to the press that all systems related to aircraft management, flight aircraft, and communication with navigation systems were not interrupted.

  The official report adds that the country’s public institutions did not register major incidents due to Microsoft’s failure.

• [Repeat] Security Week ☛ MediSecure Data Breach Impacts 12.9 Million Individuals

  According to the company, the server hosted semi-structured and unstructured data across multiple data sets, which made identifying the affected individuals not practicable without “incurring substantial cost that MediSecure was not in a financial position to meet”.

• Cyble Inc ☛ CrowdStrike Outage: Here's What Experts Have To Say

  On Friday, July 19, at 4:09 AM UTC (2:09 PM AEST), CrowdStrike released a sensor configuration update on their Falcon program targeting Windows systems. According to a statement published on the company’s blog, this update, intended to target malicious system communication tools in cyberattacks, triggered a “logic error” that resulted in an operating system crash on Windows systems, leaving Mac and Linux users unaffected.

  We have collected quotes from industry experts to provide insight into the incident: [...]

• The Record ☛ Teenage suspect in MGM Resorts [breach] arrested in Britain

  A press release from the West Midlands Police said the Regional Organised Crime Unit and the U.K.’s National Crime Agency made the arrest of the Walsall resident on Thursday, in coordination with the FBI.

  The arrest is “part of a global investigation into a large scale cyber [breach] community which has targeted a number of major companies which includes MGM Resorts in America,” they said.

• France24 ☛ Global computer outage linked to security firm CrowdStrike grounds flights, hits banks, media

  Cyber expert James Bore said real harm would be caused by the outage because systems we’ve come to rely on at critical times are not going to be available. Hospitals, for example, will struggle to sort out appointments and those who need care may not get it.

  “There are going to be deaths because of this. It’s inevitable,’’ Bore said. “We’ve got so many systems tied up with this.”

  Microsoft 365 posted on social media platform X that the company was “working on rerouting the impacted traffic to alternate systems to alleviate impact” and that they were “observing a positive trend in service availability.”

• The Hindu ☛ Microsoft outage | 24 flights cancelled at Hyderabad airport on Day 2

  All systems are operational at Hyderabad’s Rajiv Gandhi International Airport (RGIA), but the ripple effect of Microsoft outage persists. On Saturday, 24 flights to and from Hyderabad were cancelled.

  The affected routes include Chennai, Delhi, Mumbai, Kolkata, Bangalore, Raipur, Lucknow, Visakhapatnam, Goa, and Thiruvananthapuram.

• India Times ☛ Microsoft's CrowdStrike leaves business black and blue in India

  CrowdStrike, a US-based endpoint security provider to several global organisations including Microsoft, first released an update to its product - Falcon Sensor - on July 9 gradually rolling it out to companies globally over the next 10 days. On July 18 and 19, the update - intended to pre-emptively detect cybersecurity breaches - was pushed onto Microsoft devices unwittingly, triggering widespread chaos. It forced several banks, hospitals, airlines, and startups to resort to manual processes to continue operations, industry executives said.

• Futurism ☛ Microsoft Recommends Rebooting Your Computer 15 Times as Blue Screen of Death Strikes Worldwide

  As the world is still reeling from a massive IT outage triggered by a faulty security software update by CrowdStrike that forced Windows machines to crash, Microsoft is trying to pick up the pieces.

  Worse yet, the bug needs to be addressed in person by IT professionals.

• The Register UK ☛ UK cops arrest teen suspect in MGM Resorts cyberattack probe

  Cops in the UK have arrested a suspected member of the notorious Scattered Spider crime gang, which is accused of crippling MGM Resorts in Las Vegas with ransomware last summer.

• The Register UK ☛ Cybercriminals quick to exploit CrowdStrike chaos

  Just hours after a faulty CrowdStrike file shut down Windows machines around the globe, reports surfaced of scam emails using the outage as a lure and otherwise trying to use the massive outage as a means to pursue criminal activities.

• New York Times ☛ Global CrowdStrike Outage Proves How Fragile IT Systems Have Become

  The trouble began with a small Windows software update CrowdStrike sent to its customers on Thursday night. For some reason, this crashed every computer it touched. “Your PC ran into a problem,” users were cheerily informed. “It looks like Windows didn’t load correctly,” messages announced. The backdrop was the color of a perfect sky, also known as the Blue Screen of Death.

• Google ☛ APT41 Has Arisen From the DUST

  APT41 used a combination of ANTSWORD and BLUEBEAM web shells for the execution of DUSTPAN to execute BEACON backdoor for command-and-control communication. Later in the intrusion, APT41 leveraged DUSTTRAP, which would lead to hands-on keyboard activity. APT41 used publicly available tools SQLULDR2 for copying data from databases and PINEGROVE to exfiltrate data to Microsoft OneDrive.

• NPR ☛ What we know about the computer update glitch [sic] disrupting systems around the world

  From continent to continent, Microsoft users reported being suddenly knocked offline, and the culprit was determined to be cybersecurity company CrowdStrike, which says one of its routine software updates malfunctioned.

  “CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” the company said in a statement.

  Customers using Mac and Linux operating systems were not affected, CrowdStrike said.

• France24 ☛ Crowdstrike's massive global IT [sic] crash: Here's what you need to know

  Much of the world faced online disarray Friday as a widespread technology outage affected companies and services across industries — grounding flights, knocking banks and hospital systems offline and media outlets off air.

• India Times ☛ Without backup plans, global IT [sic] outages will happen again

  Friday's outage was caused by an update that U.S. cybersecurity firm CrowdStrike pushed to its clients early on Friday morning which conflicted with Microsoft's Windows operating system, rendering devices around the world inoperable.

• India Times ☛ Microsoft outage: Ola’s Bhavish Aggarwal bats for stringent data localisation norms

  The Ola chief has been advocating for Made-in-India technologies and even migrated from Google Maps to his in-house Ola Maps. He invited developers to join at a subsidised cost and claimed that unlike Google his company charges in rupees and not in dollars.

  Google on Friday slashed its Maps pricing by 70% and allowed developers to pay in rupees. Aggarwal also migrated from Google Cloud to Ola’s cloud platform. Microsoft's products are used in many sectors of the Indian economy, including businesses, schools, and government organisations.

• India Times ☛ Microsoft global outage puts all on the blink

  What’s the news: Microsoft's cloud services, particularly Azure, faced issues, leading to widespread service interruptions. Sources aware of the matter told us that the issue is likely due to a recent update from CrowdStrike, a US-based cybersecurity company that provides endpoint security to several organisations globally.

• India Times ☛ Microsoft outage: Windows PCs, IT systems hit; users get 'blue screen' errors

  Bank services in Australia and New Zealand were disrupted as they lost access to computer systems, as per media reports. Australia's largest bank, Commonwealth Bank said some customers had been unable to transfer money due to the outage.

• Deccan Chronicle ☛ Microsoft's Global Outage: When the Blue Screen of Death Became the Life of the Party!

  On July 19, the tech [sic] world was saw chaos unfold as the Indian Computer Emergency Response Team (CERT-In) issued a dire advisory: a major outage was wreaking havoc on Microsoft Windows systems. The culprit? A recent update of the CrowdStrike agent, Falcon Sensor, turned countless computers into glorified paperweights, crashing them into the dreaded "Blue Screen of Death."

  As if that weren’t enough, this digital fiasco didn’t just affect office workers; it sent shockwaves through airports, banks, and media outlets worldwide. Reports of widespread system crashes flooded in, with DownDetector tracking outages at major players like Visa, Amazon, and airlines such as American Airlines and Delta. Even the stock exchanges in India—NSE and BSE—managed to stay afloat while chaos reigned elsewhere. Talk about a silver lining!