On Friday, July 19, numerous large banks, media outlets, government agencies, and airlines worldwide experienced system crashes due to IT failures, leading to service disruptions.
The root cause of the global chaos on Friday was identified as the Microsoft Windows operating system software update released by the cybersecurity company CrowdStrike. CrowdStrike stated that Windows devices experienced a global outage, while Mac and Linux systems remained unaffected.
George Kurtz, the CEO of CrowdStrike, mentioned that since early Friday morning, many businesses have been impacted by “blue screen of death” issues on Microsoft devices, while Mac users remained unaffected.
Analyst Dan Ives from Wedbush Securities pointed out that one of the reasons Apple’s 2.2 billion iOS devices were spared from the network security chaos was due to the “advantages of the Apple ecosystem.”
“Everything is controlled within the four walls of Apple Park,” Ives told CNBC.
Apple and Microsoft’s operating systems differ. iPhone, Mac, and all other Apple products are subject to strict control by Apple in terms of security and updates. Windows system updates are more frequent, with a larger software library compared to Apple’s ecosystem.
Ives further explained to CNBC that unlike Microsoft, Apple is less likely to collaborate with third parties (such as CrowdStrike), making its “risk exposure in the enterprise much smaller.”
Most large corporations run their servers on systems based on Windows or Linux. Providing fundamental systems for company servers is not Apple’s primary business. Therefore, when IT failures occurred on Friday, the impact spread to the core infrastructure of large companies running Windows-based systems, with airlines being one example of those affected.
Kurtz stated in a statement on the social media platform X that Linux has its own operating system and was not affected.
Many Fortune 500 companies use CrowdStrike’s network security software to detect and prevent hacker threats. Computers running Microsoft Windows crashed due to an interaction error between the code updates released by CrowdStrike and Windows.
CrowdStrike is a multi-billion-dollar company whose business scope has expanded globally in over a decade of operation.
On Friday, Anne Neuberger, a senior technical and cybersecurity official in the White House, mentioned at the Aspen Security Forum when asked about the IT disruptions the “integration risks” in the tech supply chain.
“We need to really think about our digital resilience, not just the systems we operate, but also the globally connected security systems, integrated risks, how we handle this integration, and how we ensure that when incidents happen, we can control it and recover quickly,” she said.