Microsoft has revealed that an estimated 8.5 million computers worldwide were disabled by a global IT outage caused by a corrupted software update from cyber security company CrowdStrike. This incident, which is still causing problems around the world, has been described as one of the worst cyber-incidents in history.
In a blog post, Microsoft’s vice-president, David Weston, stated that the number of affected devices is less than 1% of all Windows machines globally, but the economic and societal impacts are significant due to the critical services run by enterprises using CrowdStrike.
The tech giant emphasized that the issue was not with its software, but rather with the quality control checks on updates sent out by companies like CrowdStrike. The fallout from the IT glitch has been enormous, prompting warnings from cyber-security experts and agencies about potential opportunistic hacking attempts linked to the outage.
Cyber agencies in the UK and Australia are cautioning people to be vigilant against fake emails, calls, and websites pretending to be official, while CrowdStrike head George Kurtz urged users to verify the authenticity of fixes before downloading them.
Hackers have already begun exploiting the fear and uncertainty surrounding the incident, with a sharp rise in CrowdStrike-themed domain registrations aimed at tricking IT managers and the public into downloading malicious software or divulging private information.
As organizations work to get back online, cyber security agencies are advising IT responders to only use official CrowdStrike channels for information and assistance. Individuals are also being warned to be hyper-vigilant and to act only on information from trusted sources to avoid falling victim to cyber-attacks.