IT Outage Impact Analysis – At Least 674,000 Enterprise Customers at Risk of Disruption Globally

by: Deverick Holmes, Operational Resilience Consultant, and Mackenzie Clark Senior Computational Social Scientist

This report details the global outage involving CrowdStrike, highlighting the incident’s domestic and international impact on trade and business operations. Interos has provided a detailed timeline of events and recommended steps customers should take here.

Summary

CrowdStrike was involved in a global IT outage that has highlighted the vulnerability of interconnected global supply chains. The outage impacted 674,620 direct customer relationships of CrowdStrike and Microsoft, and over 49 million indirectly, according to Interos data. While the U.S. was the most affected country, with 41% of impacted entities, the disruption was also felt at major ports and air freight hubs in Europe and Asia. Ports from New York to Los Angeles and Rotterdam reported temporary shutdowns, while air freight suffered the hardest blow, with thousands of flights grounded or delayed. The outage exacerbates existing supply chain challenges amid rising global demand and freight prices, highlighting the potential long-term implications for global trade and finance.

Another Global Trade Disruption

The interconnected nature of global supply chains means international trade will experience ripple effects due to even temporary shutdowns. This comes as freight prices skyrocket and shipping demand rise. When using Interos data to understand how expansive the trickle-down effects of the outage are, the results are striking.

Interos analyzed the extended supply chains of both CrowdStrike and Microsoft, whose Microsoft 365 systems were disrupted as part of a CrowdStrike update, leading to outages for Microsoft users across the world. When examining the direct customer relationships (Tier 1) of both Microsoft and CrowdStrike, Interos was able to identify 674,620 customer relationships. When expanding the scope of impact to include the customers of Microsoft and CrowdStrike’s customers (Tier 2), the number of customer relationships identified by Interos data grows to over 28 million, and when going one step further (Tier 3), that figure increases to over 49 million customer relationships.

The outage has had varying levels of impact across Union Pacific’s freight network while Ports from New York to Houston and Los Angeles reported temporary container terminal shutdowns overnight but were mostly operational by early morning. Rotterdam, the largest port in Europe, said some companies operating at its terminal were impacted. On average, the port at Rotterdam handles approximately 1.3 million tons of cargo daily. This includes a diverse range of goods such as containers, bulk commodities (like crude oil, coal, and iron ore), and various other cargo types. In addition, UK ports of Felixstowe and Tilbury have all been confirmed to be suffering from major IT outages while similar issues were reported at ports in Poland and Asia.

Air freight was hit the hardest, with many global airlines grounding flights and the complex air cargo system facing a recovery period that could last days or weeks. Thousands of flights were grounded or delayed at the world’s largest air freight hubs in Europe, Asia, and North America. These hubs are critical nodes in the international logistics network, handling vast quantities of cargo daily. The grounding of these flights may lead to trickle down delays in the movement of goods, impacting various industries. The semiconductor supply chain, for example, relies heavily on air freight to transport finished products from manufacturing centers in the EU and Asia to markets in the U.S., has been particularly affected. This new issue for the global supply chain comes amid a rise in global demand and prices, driven by the ongoing conflict in the Red Sea and climate change impacting trade routes, with shipments up 13% year-over-year in June, while air freight supply has only increased by 3%, already causing higher costs for shippers due to limited capacity. As it may take days or weeks for airfreight companies to fully bring their systems back on-line this will only exacerbate the ongoing supply chain hurdles facing the global market.

Interos Data Shows U.S. & European Entities Highly Impacted 

According to data from Interos, the outage potentially impacted 674,476 entities globally, with 280,760, or 41%, of these being in the United States. Given that the U.S. is a major economic engine for global trade, this outage may have significant short-term implications for international commerce and finance.

 

Interos data would also indicate that European countries are highly exposed to this event. Within the top ten countries listed in the chart above, several are in Europe: the United Kingdom, Germany, Italy, France, Spain, The Netherlands. Combined, these countries account for 186,749 of entities, or 27.68%. While this does not account for the entire European continent, this figure underscores the global nature of this outage.

U.S. companies whose systems remain down are exposed to increased cyber risks. When systems are offline or experiencing disruptions, it becomes harder to implement standard security protocols and monitor for potential threats. This downtime can create vulnerabilities that cybercriminals may exploit, such as weakened defenses, unpatched software, and delayed security updates.

U.S. consumers have reported issues with declined credit card transactions, disrupting personal and business activities. Additionally, U.S. airlines, which play a crucial role in facilitating cross-border business, have experienced widespread cancellations and delays. This disruption in airline operations could lead to delays in business meetings, shipments, and other critical economic activities, further exacerbating the impact on global trade. With critical systems and data at risk, these companies face a heightened possibility of cyberattacks, including data breaches, ransomware attacks, and unauthorized access. Moreover, the inability to detect and respond to threats in real-time during such outages can exacerbate the potential damage, leading to significant financial losses, reputational harm, or regulatory consequences.

According to reports, CrowdStrike is utilized by 82 percent of U.S. state governments and 48 percent of the largest U.S. cities. Given its widespread adoption, a prolonged outage of CrowdStrike’s services could severely impact municipalities’ ability to maintain essential cybersecurity defenses. These state and municipal entities rely heavily on CrowdStrike Falcon’s advanced threat detection and real-time monitoring to protect sensitive data and critical infrastructure from cyber threats. Without these protections, municipalities could experience increased vulnerability to cyberattacks, such as ransomware, data breaches, and unauthorized access, potentially compromising public safety, emergency response systems, and the security of citizen information.

Furthermore, the disruption could hinder the ability of these governments to deliver public services effectively. Key functions such as water treatment facilities, public transportation systems, and healthcare services, which increasingly depend on digital infrastructure, could be at risk.

In addition to local municipalities, CrowdStrike is used by many prominent organizations across various sectors. Various U.S. government agencies, including parts of the Department of Defense and intelligence agencies, rely on CrowdStrike for its advanced threat detection. Major financial institutions across the U.S. and EU such as Goldman Sachs, Bank of America, and Santander also use CrowdStrike to protect their sensitive data, and giant retailers like Walmart and Target, as well as energy companies such as ExxonMobil and Exelon, also depend on CrowdStrike to defend against cyber threats and protect critical infrastructure. The system is particularly preferred by high-profile organizations worldwide for its ease of use and robust security features.

Outage Spans Multiple Industries

The direct effects of this outage also span a broad range of industries. While impacts to airlines and banks have been the most widely reported on, Interos data shows that companies in the professional services, wholesale, and various manufacturing industries make up the bulk of companies that are potentially experiencing disruptions.

Of those directly supplied by Microsoft or CrowdStrike, companies in the Professional, Scientific, and Technical Services industry make up almost 7% of customers, followed closely by companies in the Merchant Wholesalers industry, at almost 5% of customers, and the Administrative and Support Services industry, at over 3% of customers.

In total, Interos identified companies spanning almost 1,200 unique industries that are directly supplied by Microsoft or CrowdStrike. From the telecommunications industry, to hospitals, utilities providers, and even postal services, virtually no industry was left unaffected by this outage. These types of disruptions cause delays in critical infrastructure and the delivery of products services, leaving businesses and consumers across the world without access to key services or goods.

Interos’ data shows ongoing supply chain disruptions cost enterprises $100 million in annual losses on average. The company’s critical risk intelligence platform helps companies mitigate the financial impacts of multi-tier risks by continuously mapping and monitoring extended supply chains at speed and scale.

Learn how you can manage risk by exception, at scale. Speak to an expert today.

 

CrowdStrike Outage: Interos Update

CrowdStrike Outage: What Happened? 

Interos is monitoring the widespread IT outage affecting numerous sectors globally, including airlines, banks, telecommunications companies, and many others. We are proactively alerting customers to potential impacts across their supplier ecosystem via direct email notifications and a platform-wide notice and event summary. The Interos platform has not experienced any impact. 

Cybersecurity firm CrowdStrike, the epicenter of the disruption, published an official statement as of 9:22 am ET, July 19, 2024. 

“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack.

The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.”

Summary Timeline 

Thursday, July 18, 2024 

 Friday, July 19, 2024

  • 4:48am EST: Windows devices experienced issues due to a third-party software update, CrowdStrike reported on the Azure status page. 
  • Fri, 5:45am EST: On X, CrowdStrike CEO George Kurtz announced a fix for a defect in a single content update for Windows hosts, confirming the situation was not a security incident. 
  • Fri, 6:39am EST: Interos publishes event summary update regarding global IT outages triggering flight delays. 
  • Fri, 7:48am EST: The New York Times reported the outage was due to a flawed CrowdStrike security update, with a fix deployed, but ongoing issues expected. 
  • Fri, 7:54am EST: Interos issued automated Cyber Event Alert to all customers via our platform. 
  • Fri, 8:45am EST: Interos updates our platform’s Events Feed publishing a list of impacted banks and apps.  
  • Fri, 10:00am EST: Interos deploys event notice on front page of platform. 

Who is Impacted?  

According to company disclosures, CrowdStrike has over 21,000 customers, many of whom are large institutions, including many major airlines, banks, healthcare providers, and cloud providers, with thousands of computers and servers running the software. The protective system is utilized by 82 percent of US state governments and 48 percent of the largest US cities, resolving over 7 million incidents annually through its managed detection and response (MDR) service.   

Users have reported that their bank cards were being declined and HR departments have reported documents outages via ADP impacting payroll and other business operations. As of 12pm EST, over 2,000 flights canceled and more than 5,300 were delayed. 

Additionally, disruptions were not confined to only Microsoft customers, but all enterprises running CrowdStrike’s Falcon software. 

What Can You Do About it? 

In its Statement on Falcon Content Update for Windows Hosts, CrowdStrike published workaround steps for “individual hosts” and “public cloud or similar environment including virtual.”  

It’s worth noting that, according to news reports, U.S. customers may be less impacted because the incident occurred when many U.S. computers were off, and the corrected software was published before they were turned on. 

Companies interested in further investigating the impact of this incident on their operations must perform due diligence across their supplier ecosystem. CrowdStrike’s admission that the impact is isolated to a “single content update for Windows hosts” indicates that the impact radius is substantial.  

Recommendations:

  • Engage third parties / tier-1 suppliers to inquire if they have a material relationship with CrowdStrike AND rely on Microsoft hosting (Azure) or O365.   
  • If an existing relationship is identified, confirm with the supplier if CrowdStrike’s workaround steps and/or other mitigating actions were taken and if there is any material impact on the supplier’s operations that requires mitigation. 
  • If no mitigating action is necessary, companies should refer to established business continuity processes to protect against immediate operational risks.  

For Interos Customers   

  • Use the Interos Supplier-Buyer Relationships to identify sub-tier connections to CrowdStrike.  
  • Prioritize list for outreach, assign ownership for direct outreach, and execute the steps above.  
  • Create a group for this specific instance and enable alert notifications to receive updates via email.  
  • Investigate cybersecurity risk scoring and the potential changes to the security landscape for companies connected to CrowdStrike   
  • As an important security and threat management platform, there is an increased risk for cyber activity due to the platform being inoperable for some time, providing a potential window of opportunity for threat actors.   
  • Companies utilizing Interos’s premium support offering can engage the Operational Resilience Consulting team to perform a deep-dive analysis across their ecosystem.  

 

From Tesla’s Troubles to Industry Solutions: Addressing Child Labor in Global Supply Chains

Concerns about the potential for child labor in Tesla’s supply chain highlight a critical issue facing multinationals today: the challenge of ensuring ethical labor practices throughout complex global supply chains.

Despite CEO Elon Musk’s promises of third-party audits and webcams to monitor cobalt mines in the Democratic Republic of Congo, critics charge implementation is falling short.

The Ripple Effect: Industry-Wide Implications

This situation exemplifies the broader challenges companies face in addressing labor issues across their multi-tier supply chains. As governments worldwide implement stricter regulations, companies must act swiftly to protect their reputations and comply with evolving standards.

Interos data shows executives estimate that ESG-related cost increases or revenue losses impact companies at $44M annually.

At Interos, we’ve identified five key strategies to help organizations eliminate unethical supply chain labor practices:

  • Conduct Comprehensive Supply Chain Mapping: Gain visibility into the extended supply chain, from direct suppliers to nth-tier sub-suppliers, to identify vulnerabilities. Continuous supply chain lifecycle risk intelligence from Interos enables advanced analytics and real-time monitoring to scrutinize supply chains for regulatory violations and other ESG concerns.
  • Implement Robust Due Diligence Processes: Develop and enforce rigorous due diligence procedures to complement technology-based assessments. This means going beyond assessing suppliers’ labor practices through audits carried out by accredited third-party agency, to embracing deep supplier visibility and real-time risk assessments..
  • Leverage AI Predictive Analytics: Utilize cutting-edge technologies like Interos’ AI-powered platform, which evolve enterprises from lagging to leading indicators to drive proactive mitigation. Interos’ next generation ESG risk model monitors multiple critical attributes reflecting the multi-faceted nature of ESG threats, including forced labor, emissions, diversity, foreign ownership, and other critical attributes.
  • Collaborate with Industry Partners and Stakeholders: Engage with industry associations, non-governmental organizations, and government agencies to share best practices, align efforts, and collectively address forced labor challenges.
  • Promote Transparency and Accountability: Implement transparent reporting mechanisms, establish clear policies and codes of conduct, and hold suppliers accountable for violations through corrective action plans or termination of business relationships.

Case Studies: Accelerating Ethical Supply Chains with Interos

Interos survey data shows more than a third of leaders at large enterprises are stepping up their ESG investments, and over half acknowledged supply availability was paramount. Global organizations using Interos have gained a sharper picture of supply chain risks, enabling proactive strategies, yielding clear results:

  • A leading global airline leverages Interos’ supply chain lifecycle risk intelligence to ensure the highest standard of ethics and compliance across its apparel supply chain and other sourcing channels.
  • A supermajor oil and gas company leverage Interos to ensure adherence to 30+ EU regulations related to labor, emissions, and other areas.
  • A major retailer utilizes Interos’ foreign ownership data to determine, reduce and remove slave labor from its product lines.

Interos is leading a broader supply chain risk revolution towards transparency and ethical responsibility across industry, enhancing corporate brand, reputation, and profitability.

By taking proactive steps and leveraging the Interos platform, organizations can navigate the complexities of supply chain forced labor risk to foster ethical, responsible, and adaptable supply chains that meet, and surpass, the demands of today’s interconnected economy.