The National Cybersecurity Coordination Centre (NC3) has reported a significant IT outage affecting numerous Windows systems worldwide. The outage has caused substantial disruptions, ranging from hospitals losing access to patient records, customers being unable to use their banking applications, to delays in train services and the cancellation of over 1,396 flights globally.

Microsoft has identified the source of this widespread issue as a flawed update from CrowdStrike, a well-known cybersecurity provider offering Endpoint Detection and Response (EDR) solutions. The problematic update specifically impacts Windows systems running the Falcon sensor, causing them to crash with a Blue Screen of Death (BSOD) error. CrowdStrike has acknowledged the error, isolated the problem, and released a new patch to correct the issue.

In a public notice dated July 19, 2024, NC3 emphasized that this IT outage is not a cybersecurity attack but rather a technical malfunction due to the flawed update. The Centre reassured the public that the outage has had minimal to no effect on critical services within Sierra Leone, as CrowdStrike antivirus is not widely used by organizations in the region.

NC3 advises any affected users to follow specific instructions to mitigate the issue:

Boot Windows into Safe Mode or the Windows Recovery Environment.
Navigate to the C:\Windows\System32\drivers\CrowdStrike directory.
Locate the file matching C-00000291 sys.
Right-click and rename it to C-00000291.renamed.
Reboot the system normally.
Update to the new CrowdStrike patch released today.

This incident highlights the critical importance of robust and reliable cybersecurity measures, especially in an era where digital systems underpin essential services across the globe. While Sierra Leone has been fortunate to experience minimal disruption, the global ramifications of the outage underscore the interconnected nature of modern digital infrastructure and the cascading effects that can result from a single point of failure.

NC3’s prompt response and clear communication have been instrumental in ensuring that the public remains informed and that any potential impacts are swiftly addressed. As the world continues to navigate the complexities of cybersecurity in an increasingly digital landscape, this incident serves as a stark reminder of the need for vigilance, preparedness, and collaboration among global cybersecurity entities.