Microsoft outages are causing major global disruption. Here’s what we know so far, and what it could mean for information security at your organization.
Did you get woken up in the early hours of this morning with your laptop making a beeping noise? Well, you’re not alone. On July 19, 2024, a significant outage rocked Microsoft services, causing disruptions across various sectors, including airlines, banks, and emergency services. The technical hiccup was linked to an issue with CrowdStrike's Falcon Sensor software, triggering the infamous Blue Screen of Death (BSOD) and alarms on Windows devices all over the world.
What caused the outages?
Late on July 18, users started seeing BSOD errors on their Windows devices. Microsoft traced the problem to CrowdStrike's Falcon Sensor. This conflict led to failures in Microsoft's Azure cloud services. Airlines were grounded, TV stations went off the air, and financial institutions faced service disruptions. Microsoft engineers continue working to restore services.
What are the security implications for businesses?
This incident underscores the risks of integrating third-party applications deeply into your IT infrastructure. While tools like XM Cyber, Dragos, and Palantir offer advanced security capabilities, they also come with potential cybersecurity vulnerabilities and operational risks. Here are four of them:
- Complex interdependencies: Using multiple security solutions can create complex interdependencies. If you don’t manage these carefully, they can lead to significant system failures, as seen with the BSOD errors
- Operational risks: Allowing third-party tools deep access to IT infrastructure can expose your business to operational risks. A failure in one component can cascade, affecting critical services. This highlights the importance of thorough testing and robust contingency planning
- Data security concerns: These tools handle sensitive data, making them attractive targets for cyber attacks. Ensuring these tools themselves are secure is crucial for maintaining overall security
- Regulatory compliance: For sectors handling highly sensitive data - like finance or healthcare - outages and security failures can lead to non-compliance with regulations such as GDPR or ISO 27001 which can lead to legal issues and big penalties
These outages are another reminder that businesses need to balance the benefits of advanced security tools with the risks of integrating them. It also supports a more structured approach to your information security. Specifically, a security program that helps you identify and manage your most critical risks first while working toward compliance certifications at the same time.
Dan Buss, a Senior Information Security expert at DataGuard agrees. "These outages once again serve as a wake-up call for organizations to rethink their information security strategies,” Dan says.
“It's not just about having the best tools but ensuring they’re integrated and managed properly. At DataGuard, we believe in a structured approach to information security. That means addressing the most critical risks first, leveraging digital ISMS for continuous risk mitigation, and empowering human judgment with AI-driven insights. This structured approach will help you achieve certifications like ISO 27001. But, more importantly, it also reduces your overall risk exposure to events like the ones we’re seeing today.”
FAQs
Are Microsoft servers down right now?
As of the latest updates, Microsoft servers have been experiencing significant outages. The issues started late on July 18, 2024, and have impacted various services, including Azure cloud services, affecting numerous high-profile clients globally.
What’s causing the Microsoft outage?
The primary cause of the Microsoft outage is linked to a conflict with CrowdStrike's Falcon Sensor software. This conflict triggered Blue Screen of Death (BSOD) errors on many Windows devices, leading to widespread failures across Microsoft’s Azure cloud services and other critical systems.
How DataGuard can help you manage risks effectively
Each organization has its own risks. You need an experienced professional familiar with your industry to understand your company context. DataGuard can help you identify, manage and mitigate the risks unique to your business, securing your most critical assets first.
Be prepared to combat the latest cyber threats with a straightforward scenario-based approach to risk management. The industry-specific guidance provided by our security experts will help you focus your resources on what’s most important, leading to impactful and effective security efforts.