US federal agencies were among those reeling from a massive technology outage Friday after a flawed software update by CrowdStrike Holdings Inc. disrupted global computer networks.
Like employees around the world, some staff at the FBI and Department of Justice were met with a Windows error screen — dubbed "the blue screen of death" — when they tried to sign in to their computers Friday morning.
Justice Department officials were working on a fix but didn't know when that would come, according to a message that the DOJ sent to staff. In the meantime, it said, employees could still access emails and communications through their phones and iPads.
"The Justice Department alerted users early this morning that the department is among businesses and government CrowdStrike customers worldwide affected," a spokesperson told Bloomberg in an email. The department's chief information officer was "actively troubleshooting workarounds" on Friday while the software maker tried to resolve the problem.
Not all users were affected, the spokesperson added, but "for those that were, the department has been remediating the issue and getting our affected devices back online."
A spokesperson for the FBI said the agency was aware of the situation and declined to comment further.
The ripple effect of the outage was felt elsewhere in the US government to varying degrees. At the State Department, a help desk service was "down temporarily and restored," a spokesperson said.
The Treasury Department's outgoing payments and Internal Revenue Service systems experienced "brief disruptions that were quickly resolved," said spokesperson Chris Hayden, adding that the agency's "mission-critical systems are online, with little impact from this morning's technology incident."
The Defense Department was among the few that were unscathed.
"For all reports I have right now, no impact on DOD operations," General Charles Q. Brown, chairman of the Joint Chiefs, said at the Aspen Security Forum in Colorado. He added, "I'm sure adversaries are looking at this as a way to, I would say, put sand in the gears."
Some members of Congress were directly inconvenienced by the CrowdStrike issue. Lawmakers who attended the Republican National Convention in Milwaukee were among the thousands of travelers stranded by the outage.
Representative Michael McCaul, a Republican from Texas, was among the members who had flight difficulties, his office confirmed. Representative Joe Wilson, a South Carolina Republican, took a cab from Milwaukee with his grandson to O'Hare International Airport in Chicago to try to get a quicker flight home.
"The widespread global IT outages that ensued overnight put people's safety at risk," Senator Chuck Grassley, a Republican from Iowa, told Bloomberg. "The importance of improving the strength, cybersecurity and resilience of our critical infrastructure cannot be overstated."
The National Security Council convened multiple calls, including with agencies across the US government, in response to the incident. The Cybersecurity and Infrastructure Security Agency, known as CISA, held a call across the sector-coordinating councils. Others affected included the Department of Energy and Health and Human Services, a person familiar with the matter told Bloomberg, asking not to be identified because the information hasn't been made public.
Anne Neuberger, deputy national security adviser to President Joe Biden, also was in Aspen attending the security forum. She said her morning began with a 4 a.m. phone call from the White House Situation Room. Among her other calls was one to George Kurtz, chief executive officer of CrowdStrike, who she described as "thoughtful."
Kurtz has publicly apologized for the disruptions while assuring customers that they "remain fully protected." He said in a statement on LinkedIn that the company was "working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on." Later Friday, he vowed to provide full transparency on how the outage occurred.
Federal agencies weren't the only government entities affected.
Dallas' chief information officer, Brian Gardner, said a couple hundred of the municipality's 15,000 devices were shut down by the glitch. The city didn't experience major disruptions, but information technology teams have spent the day manually rebooting the affected devices "- with help from CrowdStrike.
"It's not so dissimilar to any kind of ransomware or malware attack," Gardner said, recalling a cyber breach that hit the Texas city in 2023.