PH businesses hit by the recent tech outage

Major companies in the Philippines were not spared.

File photo: Microsoft 365 outage

Banks, airlines, and more were affected

On Friday, Microsoft experienced a massive outage across its services. Reports said Microsoft 365 also known as the cloud-powered productivity platform of Microsoft encountered a significant downtime.

It was reported that it is an issue affecting organizations globally that have installed "CrowdStrike Falcon."

The incident affected many businesses, including those in the Philippines. Operations were hampered as the majority of Microsoft's services were affected such as 365, Live, and Outlook.

In the Philippines, several banks announced that their services were affected. They later on announced on Friday that their online services have resumed. These include BDO, RCBC, Metrobank, BPI, Land Bank, and Union Bank.

Some airlines were also hit by the outage, such as Cebu Pacific, and AirAsia.

What happened?

In a statement, CrowdStrike Founder and CEO George Kurtz apologized for the outage.

We quickly identified the issue and deployed a fix, allowing us to focus diligently on restoring customer systems as our highest priority, Kurtz said.

In another statement, the company explained what caused the outage.

As part of ongoing operations, CrowdStrike said it released on July 19 a sensor configuration update to Windows systems. Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform.

This configuration update triggered a logic error resulting in a system crash and blue screen (BSOD) on impacted systems. The sensor configuration update that caused the system crash was remediated on the same day.

The company said it has corrected the logic error by updating the content in Channel File 291. No additional changes to Channel File 291 beyond the updated logic will be deployed. Falcon is still evaluating and protecting against the abuse of named pipes.

This is not related to null bytes contained within Channel File 291 or any other Channel File, it added.

CrowdStrike emphasized that the issue was not the result of or related to a cyberattack. Meanwhile, systems running Linux or macOS do not use Channel File 291 and were not impacted, it noted.

CrowdStrike is operating normally, and this issue does not affect our Falcon platform systems. There is no impact to any protection if the Falcon sensor is installed. Falcon Complete and Falcon OverWatch services are not disrupted, Kurtz said.

He reminded the public that adversaries and bad actors will try to exploit events like this. He encouraged everyone to remain vigilant and ensure that they are engaging with official CrowdStrike representatives.

Our blog and technical support will continue to be the official channels for the latest updates, Kurtz said.

CrowdStrike said it is doing a thorough root cause analysis to determine how this logic flaw occurred.

We are committed to identifying any foundational or workflow improvements that we can make to strengthen our process. We will update our findings in the root cause analysis as the investigation progresses, it added.

What do you think about this?

Source: CrowdStrike