- author, Joe Tiddy
- role, BBC News Cyber Correspondent
Microsoft estimates that the global IT outage left 8.5 million computers out of service around the world.
This is the first time that a number has been put on this incident, which continues to cause problems around the world.
The glitch occurred when a cybersecurity firm called CrowdStrike sent a broken software update to a huge number of customers.
Microsoft, which is helping customers recover, said in a blog post that it “currently estimates that the CrowdStrike update affected 8.5 million Windows devices.”
According to a post from David Weston, the company’s vice president of enterprise and operating systems, while that figure represents less than 1% of Windows machines worldwide, “the widespread economic and societal impact reflects CrowdStrike’s use by companies that run many critical services.”
The company keeps performance telemetry for many internet-connected devices, giving it a very accurate idea of how many devices were disabled by the outage.
The tech giant stressed that this was not an issue with its software, and said the incident highlights how important it is for companies like CrowdStrike to conduct quality control checks before sending out updates.
“This is also a reminder of how important it is for all of us across the technology ecosystem to use existing mechanisms to prioritize safe deployment and disaster recovery,” Weston said.
The impact of the IT outage has been enormous, making it one of the worst cyber incidents in history.
The figures released by Microsoft mean that this is the biggest cyber incident in history, likely surpassing all previous hacks and outages.
The closest comparison was the WannaCry cyberattack in 2017, which is estimated to have affected around 300,000 computers across 150 countries, followed a month later by an equally damaging and destructive attack called NotPetya.
Meta, which owns Instagram, Facebook and WhatsApp, also experienced a major six-hour outage in 2021, but this was mainly limited to the social media giants and some associated partners.
The massive outage has prompted cybersecurity experts and agencies around the world to warn of a series of hacking attacks linked to the IT glitch.
Cyber agencies in the UK and Australia have warned people to be wary of fake emails, phone calls and websites pretending to be official.
CrowdStrike representative George Kurtz also urged users to always speak with an official CrowdStrike representative before downloading any patches.
“We know that adversaries and bad actors will seek to exploit events like this,” he said in a blog post.
Whenever there is big news, especially related to technology, hackers respond by tweaking their existing techniques to take fear and uncertainty into account.
Researchers at Secureworks say they’ve already seen a surge in CrowdStrike-themed domain registrations, with hackers registering new websites to appear official and potentially trick IT administrators and members of the public into downloading malicious software or handing over personal information.
Cybersecurity agencies around the world are urging IT responders to only use CrowdStrike’s website for information and assistance.
This advice is primarily aimed at IT administrators who are impacted as they try to bring their organizations back online.
However, individuals can also be targeted, and experts warn to be extremely vigilant and only act on information coming from CrowdStrike’s official channels.