- Author, Joe Teddy
- Role, Cyber Correspondent, BBC News
Microsoft says it estimates that 8.5 million computers worldwide were affected by the global IT outage.
This is the first time a number has been put on the incident, which continues to cause problems around the world.
The fault originated with a cybersecurity company called CrowdStrike, which sent out a corrupted software update to a large number of its customers.
“We currently estimate that the CrowdStrike update affected 8.5 million Windows devices,” Microsoft, which is helping customers recover, said in a blog post.
That number is less than 1% of all Windows PCs worldwide, but “the broad economic and societal impacts reflect the use of CrowdStrike by businesses that run many critical services,” says the post, written by David Weston, the company’s vice president of enterprise and operating systems.
The company can be very accurate about how many devices were disabled by the outage because it receives performance telemetry from many of them through their internet connections.
The tech giant – which was keen to point out that this was not a problem with its software – says the incident highlights how important it is for companies like CrowdStrike to use quality control checks on updates before they are sent out.
“It also serves as a reminder of how important it is for all of us across the technology ecosystem to prioritize operating with secure deployment and disaster recovery using existing mechanisms,” said Mr. Weston.
The consequences of the IT malfunction were enormous, and it was already considered one of the worst cyber incidents in history.
The number provided by Microsoft suggests that this may be the largest cyber event ever, surpassing all previous hacks and outages.
The closest thing to this is the WannaCry cyberattack in 2017, which is estimated to have affected around 300,000 computers in 150 countries. There was a similarly costly and destructive attack called NotPetya a month later.
2021 also saw a major six-hour outage at Meta, which runs Instagram, Facebook and WhatsApp. But the outage was largely confined to the social media giant and some of its associated partners.
The massive outage has also prompted cybersecurity experts and agencies around the world to warn of a wave of opportunistic hacking attempts linked to IT outages.
Cybersecurity agencies in the UK and Australia are warning people to be wary of fake emails, calls and websites pretending to be official.
CrowdStrike President George Kurtz urged users to make sure they speak to official representatives from the company before downloading the fixes.
“We know that adversaries and malicious actors will try to exploit events like this,” he said in a blog post.
When there is a major news event, especially if it is technology-related, hackers respond by adjusting their existing tactics to account for the fear and uncertainty.
According to researchers at Secureworks, there has already been a sharp rise in CrowdStrike-themed domain registrations – where hackers register new websites designed to look official and potentially trick IT managers or members of the public into downloading malware or handing over private details.
Cybersecurity agencies around the world have urged IT responders to use the CrowdStrike website only for information and assistance.
The advice is particularly aimed at IT managers who are affected by this as they try to get their organizations back online.
But individuals can also be targeted, so experts are warning people to be extremely cautious and to act only on information from official CrowdStrike channels.