Global IT Outage Hits Santa Barbara Airport, Hospital, and More
CrowdStrike Tech Crash Causes Major Disruptions, but Emergency Services Still Operating Locally
This article was underwritten in part by the Mickey Flacks Journalism Fund for Social Justice, a proud, innovative supporter of local news. To make a contribution go to sbcan.org/journalism_fund.
[Updated: Fri., July 19, 2024, 8 p.m.]
A problem in Microsoft’s cybersecurity software, run by CrowdStrike, is creating sweeping IT outages in hospitals, airlines, and offices across the globe — including Santa Barbara.
CrowdStrike CEO George Kurtz announced on X, “This is not a security incident or cyberattack. The issue has been identified, isolated, and a fix has been deployed.”
All emergency alert systems in Santa Barbara County are still running smoothly, including the 9-1-1 dispatch center.
“Cottage Health has activated the backup systems in place to continue care throughout our hospitals,” said Cristina Cortez, the public relations manager for Cottage Health. “Cottage hospitals, emergency departments, urgent care clinics, and virtual care online remain open.”
Non-urgent, elective procedures are being rescheduled for patients who have appointments on July 19 “to allow more of our staff to support the backup procedures for ongoing inpatient and emergency care,” added Cortez.
Ground operations and boarding processes at the Santa Barbara Airport are affected by the outage as well, said Angi Daus, the airport’s marketing supervisor. Travelers should expect “delays all day” as a result. “Safety operations and actually flying the plane have not been affected.”
United, Delta, and American Airlines were some of the hardest hit, asking the Federal Aviation Administration (FAA) for global grounding orders early Friday morning. The FAA announced that orders for these airlines have been lifted as of 10 a.m. PST. “Ground stops and delays will be intermittent at various airports as the airlines work through residual technology issues,” wrote the FAA on X.
Things at SBA are slowly picking back up, said Daus, but the airport encourages passengers to “plan ahead and pack your patience.” Impacted travelers can contact their airline for rebooking assistance.
Departing flights from Los Angeles International Airport, Hollywood Burbank Airport, and Long Beach Airport were grounded early Friday morning, causing thousands of travelers’ worth of mayhem. While the grounding orders are lifted, passengers will face a mixed bag of delays and cancellations throughout the day.
On the S.B. County front, an “internal internet system is down,” according to a spokesperson from Santa Barbara’s Office of Emergency Management. This internet connection only serves county employees and doesn’t change anything on the public-facing side. The Superior Court of Santa Barbara wrote on its website, “There are significant disruptions to Portal access to calendars and documents and court PCs are impacted as well. Delays in operations are anticipated.”
National banks and credit card companies have also experienced disruptions. The Independent reached out to local branches of Chase Bank, Bank of America, and Montecito Bank and Trust, but did not receive a response by the time of publication.
While CrowdStrike has fixed their bugged software’s code, many computers won’t automatically return online.
The outage was caused by a bug in CrowdStrike’s software update that went directly to Microsoft PCs, forcing computers into an endless cycle of turning off and on again. CrowdStrike is having difficulty pushing the updated, correct code through to these PCs because most aren’t online long enough to receive the updated software.
This means that computer users may have to wait for an individual to manually remove the faulty code on each device. Some success has been achieved by interrupting the computer’s endless reboot loop by turning it off and back on by hand, but CrowdStrike is suggesting a different approach — reversing the code yourself.
To be honest, this method isn’t for the faint of heart.
It involves putting your Windows device into “Safe Mode” or the “Windows Recovery Environment” and navigating to the “%WINDIR%\System32\drivers\CrowdStrike” directory. From there, you can locate the software titled “C-00000291*.sys” and check the timestamp on it. If the timestamp reads “0527 UTC” or later, you’re good to go, and your device shouldn’t be affected. A timestamp of “0409 UTC” on the same software, however, is faulty and should be deleted. After a quick reboot, CrowdStrike claims this should fix the problem.
Detailed instructions on these steps and how to potentially fix your impacted PC can be found on CrowdStrike’s Blog.