Countdown to shutdown:

Crowdstrike outage: SSA shutters offices, other agency impacts

Here's what we know about how a global IT outage, sparked by a faulty software update from cybersecurity firm CrowdStrike, is impacting federal agencies.

The Social Security Administration closed its field offices on Friday due to a global IT outage roiling companies and government agencies across the world.

In an alert posted to its website, SSA notified the public about the closures. On late Friday afternoon, an SSA spokeswoman told Federal News Network that the agency plans to re-open its field offices for public service on Monday, July 22.

“Staff impacted by the widespread Microsoft and CrowdStrike issues are being brought back online,” the spokeswoman said. “Our phone lines remain operational and many online services at ssa.gov remain available.”

The IT outage is linked to a flawed software update released by cybersecurity firm CrowdStrike. The defect affects computers running Microsoft Windows, effectively shutting them down with what’s referred to as the “blue screen of death.” Crowdstrike says the incident is “not a security incident or cyberattack.” The company also reports that a fix has been deployed.

U.S. Citizenship and Immigration Services also appears to be affected by the outage. A notice on USCIS’s E-Verify website states that “customers calling E-Verify are experiencing long wait times” because “the worldwide Microsoft outage is impacting phone support.” USCIS did not immediately respond to a request for comment.

A senior Biden administration official told reporters on Friday afternoon that the White House is in “regular contact” with Crowdstrike’s leadership to get updates on the outage and remediation efforts.

“The White House has been convening agencies to assess impacts to the US government’s operations and entities around the country,” the official said. “At this time, our understanding is that flight operations have resumed across the country, although some congestion remains, and 911 centers are able to receive and process calls. We are assessing impact to local hospitals, surface transportation systems, and law enforcement closely and will provide further updates as we learn more. We stand ready to provide assistance as needed.”

The Cybersecurity and Infrastructure Security Agency, which is responsible for overseeing the security of systems across the federal civilian executive branch, said it is working with Crowdstrike, as well as federal, state, local and critical infrastructure partners, “to fully assess and address these issues.”

“Of note, CISA has observed threat actors taking advantage of this incident for phishing and other malicious activity,” the cyber agency wrote in an alert Friday. “CISA urges organizations and individuals to remain vigilant and only follow instructions from legitimate sources. CISA recommends organizations to remind their employees to avoid clicking on phishing emails or suspicious links.”

Rep. Nancy Mace (R-S.C.), chairwoman of the House Oversight and Accountability Committee’s cybersecurity, IT and government innovation subcommittee, said the panel has requested briefings on the outage from Crowdstrike, Microsoft and CISA .

“We’re also trying to determine the breadth of impact, especially across the federal government at this time,” Mace posted to X on Friday afternoon.

While the outage forced airlines to cancel and delay thousands of flights Friday morning, a Transportation Security Administration spokeswoman said TSA has not been directly affected by the IT incident.

“TSA is monitoring the IT system issues throughout the transportation system in partnership with stakeholders and other agencies,” the spokeswoman told FNN. “There has not been any impact to TSA operations.”

In posts on X, the Federal Aviation Administration said it was working with U.S. airlines as they resume operations.

“Currently FAA operations are not impacted by the global IT issue,” the FAA posted. “We continue to monitor the situation closely.”

Meanwhile, a Department of Veterans Affairs spokesman said the VA is “not aware of any impact on health care operations or any adverse impact on veterans who get their care from VA.”

“We will continue to monitor this situation, and we encourage any Veterans who need support – including those who may be impacted by challenges at non-VA health care facilities – to call 1-800-MYVA411 or visit their local VA medical center for assistance,” VA Press Secretary Terrence Hayes said in a statement. “We are standing by and ready to help.”

The U.S. Postal Service on Friday also said it has not experienced any immediate impacts from the IT outage.

“The Postal Service was not directly impacted by the global IT outage,” USPS spokesman David Walton said. “We are aware of impacts to some of our third-party vendors, however, this has not impacted our ability to move mail and packages for the American people.”

Officials highlight IT consolidation risks

Anne Neuberger, deputy national security advisor for cyber and emerging technology, said the Crowdstrike outage showcased the “risks of consolidation.”

“The irony of this morning is that a major international cybersecurity company was impacted,” Neuberger said during an event hosted by the Aspen Institute on Friday. “So, we need to really think about our digital resilience – not just in the systems we run, but in the globally connected security systems, the risks of consolidation, how we deal with that consolidation, and how we ensure that if an incident does occur, it can be contained and we can recover quickly.”

In a letter to acting Defense Department Chief Information Officer Leslie Beavers, Sen. Eric Schmitt (R-Mo.) requested a briefing on any potential impacts to DoD networks by July 26.

“This outage is a warning that consolidation and dependence on one provider can be catastrophic, which is why business and government IT systems should have requisite redundancies in place that promote resiliency, as well as competition and innovation,” Schmitt wrote.

This is an evolving story, and we will continue to update it.

(With additional reporting from Jory Heckman)

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories