Many businesses in Canada woke up Friday to the so-called blue screen of death on their computer systems, after a faulty software update from cybersecurity giant CrowdStrike triggered a worldwide IT outage.
From hospitals to banks, international airports, border crossings and concert halls, the disruption hasn’t spared a sector. The broad outage underscores CrowdStrike’s dominance in corporate Canada and beyond—and the risks of relying too heavily on too few providers to protect critical IT infrastructure.
What happened: Reports of network outages began overnight, after a Microsoft software update from the cybersecurity firm went awry. A bug, not a cyberattack, triggered the outage, CrowdStrike CEO George Kurtz said Friday morning. The issue is only affecting Windows systems, not Mac or Linux hosts.
It’s an historic outage, cybercrime expert Mikko Hypponen wrote in a LinkedIn post. “Big outages are almost never like this,” he said, noting that about 70 per cent of Fortune 500 companies were affected.
What went down: Canada’s major airports, including Toronto Pearson and Montréal–Pierre Elliott Trudeau, are navigating disruptions from several airlines. Delta, American and United were among those affected, as well as Toronto-based Porter.
Quebec financial services firm Desjardins said about 10,000 employees couldn’t access their computers Friday morning. The firm was applying patches to affected workstations to get staff back online.
DownDetector, which tracks the status of online services, showed spikes in outage reports for several Canadian banks, including RBC, Scotiabank and CIBC. While Canadian Bankers Association spokesperson Maggie Cheung told The Logic its members had not reported any major problems, she said the organization is monitoring the situation with their partners. “It’s more complicated than just a banking issue,” said Cheung. “Some of the third parties the banks are working with also have issues, so we might be indirectly affected.”
The Office of the Superintendent of Financial Institutions, Canada’s main banking regulator, is “constantly monitoring and assessing the risks in this area,” OSFI superintendent Peter Routledge told The Logic by email. He did not say if individual institutions were affected by the CrowdStrike disruption.
Bank of Canada spokesperson Paul Badertscher said the central bank had not been affected and Payments Canada said its systems are running normally.
The market response: CrowdStrike’s stock plunged 14.6 per cent when markets opened. The firm’s rivals, SentinelOne and Palo Alto Networks were up about eight per cent and two per cent, respectively, when markets closed.
Fatima Boolani, a research analyst at Citi who covers U.S. software, said the bump for CrowdStrike competitors Friday “makes the case that maybe you should have some redundancy from a vendor standpoint for protecting such an important part of your IT infrastructure.”
Boolani said the outage follows a wave of consolidation in cybersecurity. “Maybe the pendulum swings back a little bit and it benefits mid-sized vendors like SentinelOne,” she told The Logic.
What’s the fix? CrowdStrike’s Kurtz said there is a solution to the problem, but it involves manually rebooting each affected computer. Hypponen expects it will be days or even weeks before everyone’s back online. In the long-term, Boolani said the incident could prompt politicians and regulators to scrutinize large software vendors and firms’ dependence on them. “They’re clearly so big,” she said, “that they’re almost a too-big-to-fail set of institutions that are influencing the global economy.”