When One Vendor Takes Down Half the Internet

In July 2024 a cybersecurity company called CrowdStrike pushed a small update to software running on millions of computers worldwide. The update had a bug. Within hours, Windows machines at airlines, hospitals, banks, broadcasters, and small businesses began crashing on boot. Flights were grounded. Pharmacies couldn’t fill prescriptions. 911 call centres in some places went offline. The world got a very loud reminder that trusting any one vendor too much is itself a risk.
You’re affected even if you’d never heard of CrowdStrike before that day. The reason:
Airlines and hospitals that serve you use software like this
Your bank, your pharmacy, and your pension provider almost certainly do too
Small businesses that can’t afford downtime were hit just as hard as the big ones
Small-town school boards, municipal offices, and nonprofits that use Windows machines for daily work
The outage didn’t care how big your organization was. If you had the software, you went down.
CrowdStrike makes software that runs deep inside Windows. It protects against malware by watching what every program on your computer is doing. To do that job well, it runs at a very privileged level called the kernel. If this software crashes, Windows itself often crashes.
They pushed an update to millions of computers at once. This is normal. Cybersecurity tools update constantly to keep up with new threats.
The update contained a malformed file. One of the files was bad in a way their testing didn’t catch. When a Windows machine tried to load it, Windows crashed immediately. On boot. Every time.
Computers couldn’t fix themselves. Normally a bad update can be rolled back automatically. But because Windows was crashing before it could even start networking, affected machines couldn’t reach the internet to get the fix.
Humans had to go touch every machine. IT teams at airlines, hospitals, and other affected organizations had to physically boot each computer into Safe Mode and delete the bad file by hand. Tens of thousands of machines at a big company. Each one, one at a time.
CrowdStrike shipped a fix within hours. The cleanup took days.
The CrowdStrike outage wasn’t a scam or an attack. But the conditions that caused it are common, and the warning signs apply to any software you rely on:
You run one vendor’s software on every device in your org
That vendor pushes automatic updates you can’t delay or review
If that software fails, your work stops cold
You have no backup plan for when the vendor has a bad day
Your important data lives on one cloud provider with no offline copy
These habits help whether the next bad day is a CrowdStrike-style outage, a cloud provider going down, or something else entirely.
Keep one offline copy of anything critical. Client files, tax records, photos of your kids. An external hard drive you plug in once a week and unplug. That copy will be fine no matter what happens online.
Don’t rely on a single internet connection for a business. A mobile hotspot from a different carrier as a backup costs very little and saves you when your main internet goes down.
Keep your basic tasks doable without the cloud. A printed phone list. A paper calendar for the month. A hard copy of important contracts.
Pay attention to what’s on your critical path. If your cash register, your point-of-sale, and your customer records are all tied to the same one app, one bad update can take your whole business offline for a day. That’s a business-continuity issue, not a cybersecurity issue, but they overlap.
Use haveibeenpwned.com to monitor your email. Big outages often happen at the same time as smaller breaches that get less attention. Criminals use the distraction.
Turn on two-step verification on your email and bank. Our free course Simple Strategies to Be Secure Online walks through the basics.
If an outage hits a service you depend on, check the company’s official status page. Don’t panic-click links in “outage notification” emails. Scammers love outages, because people are stressed and less careful.
Report any scams that ride on the outage wave. Call the Canadian Anti-Fraud Centre at 1-888-495-8501. In the US, report to the FBI’s IC3.
Big outages like CrowdStrike are rare but not freak events. They will happen again, somewhere, eventually. The lesson is not to avoid cloud software or stop trusting vendors. It’s to have a quiet backup plan, to keep one thing offline, and to know how you’d get through a day if your primary tools went dark. For most regular people and small organizations, that plan can fit on a sticky note.
If you want help thinking through what you’d actually need if your main tools went down for a day, ask Dave. He can walk through it with you in plain language.
Want these kinds of breakdowns when the next big outage hits? Subscribe to the Phended Security Blog for calm, plain-language coverage. Free, no spam.


