One week after the gigantic global outage that made millions of Windows-based devices unusable and wreaked havoc at airports, 97% of the machines affected are back up and running, CrowdStrike announced on Friday, July 26. "Our recovery efforts have been enhanced thanks to the development of automatic recovery techniques and by mobilizing all our resources to support our customers," said the company's CEO, George Kurtz.

On Friday, July 19, a series of simultaneous outages was triggered worldwide after an update to Falcon, a security tool developed by the American company CrowdStrike, was sent out at around 6 am (French time). The company's software is deployed on large computer networks to monitor activity and detect any suspicious elements, such as a virus or theft of confidential data. The update contained a faulty file that caused a "fatal error," going so far as to completely block computers running the Windows operating system. CrowdStrike's teams quickly identified the problem and, around an hour and a half later, issued a new update to correct it.

All Windows computers running Falcon that were already turned on or that started up during this period of time were able to download the faulty update and suffered serious crashes, leading to cascading freezes in multiple sectors, including aviation, hospitals, logistics companies, and the media. The situation was made all the more critical by the fact that for many of the machines affected by the bug, it was impossible to install the patch, as the computer could no longer boot up or connect to the internet.

One week on, the cost of the worst computer outage in history to date remains difficult to calculate. Estimates released at the beginning of the week by insurers specializing in "cyber risk" were rather implausible, suggesting a figure in the billions of dollars. But airlines, which were most directly affected by the outage, have put forward much lower figures. Air France announced a loss of €10 million, while Delta Airlines, by far the company hardest hit by the bug, reported a loss that could exceed €400 million, according to experts whose calculations also include possible fines linked to the US company's mishandling of the crisis.

CrowdStrike, known for the quality of its investigative teams, saw its share price plunge by around 30% after the outage. After the embarrassing technical fiasco, the company's communication was haphazard: It did publish a detailed report going back over the causes of the problem, but this "postmortem," as this type of document is known, fell far short of answering all the questions. CrowdStrike gave a summary explaining that an automated configuration file tool had malfunctioned without detailing why or how.

You have 27.03% of this article left to read. The rest is for subscribers only.