Updated: Black Arrow Cyber Alert 19 July 2024 – IT outages causing chaos worldwide, airports, airlines, hospitals, emergency services, shipping, media, banks affected - CrowdStrike blamed

Update: We can now confirm from statements provided by both Microsoft and CrowdStrike that a Crowdstrike content update was the cause of the outage

Executive summary 

Black Arrow is aware of ongoing outages affecting airlines, media outlets, stock exchanges, shipping, hospitals, emergency services, banks globally.  

This is an ongoing and unfolding situation which we will continue to monitor and update. 

These disruptions appear to have occurred due to recent updates from both CrowdStrike and Microsoft, resulting in device access issues and Blue Screen errors. CrowdStrike has identified the problematic update and taken corrective action. For affected users,the advice is to boot into Safe Mode or the Windows Recovery Environment, navigating to the C:\Windows\System32\drivers\CrowdStrike directory, and deleting the file corresponding to C-0000029*.sys. 

For the latest updates on this story further information can be found on the BBC: 
https://www.bbc.co.uk/news/live/cnk4jdwp49et?post=asset%3Aaaba3e5c-a8b0-4d60-bcde-32c1e3a6c2a3#post 

Need help understanding your gaps, or just want some advice? Get in touch with us. 

#threatadvisory #threatintelligence #cybersecurity