Federal agencies affected by worldwide IT outage
Several federal agencies have been impacted by the Microsoft outage linked to the software firm CrowdStrike, while others are still assessing issues connected to the IT failure that has caused massive problems for businesses worldwide.
The Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency said in a post on X that they “are working with CrowdStrike, Microsoft and our federal, state, local and critical infrastructure partners to fully assess and address system outages,” while President Joe Biden has been briefed on the matter and his team is in touch with CrowdStrike and “impacted entities.”
“The White House has been convening agencies to assess impacts to the U.S. government’s operations and entities around the country,” a senior Biden administration official told a pool reporter. “At this time, our understanding is that flight operations have resumed across the country, although some congestion remains, and 911 centers are able to receive and process calls. We are assessing impact to local hospitals, surface transportation systems, and law enforcement closely and will provide further updates as we learn more.”
A Microsoft spokesperson said the company is “actively supporting customers” after the CrowdStrike update brought down IT systems globally. The issue is not related to an outage earlier in the week that affected Microsoft Azure customers in the central U.S. and some Microsoft 365 services.
CrowdStrike, which CISA chose in 2021 to provide endpoint detection and response technology and protect federal civilian agencies’ networks, said it identified the issue and deployed a fix to address it. The incident appears to have caused the most trouble for the Social Security Administration, which closed all offices Friday due to the “global IT outage,” according to the agency’s website. SSA said that individuals should expect longer call wait times for its national 800 number and that “some online services are unavailable.”
SSA is one of many federal government entities affected by the CrowdStrike flaw, which CISA said has led to opportunistic threat actors engaging in “phishing and other malicious activity.” At least a half-dozen other agencies have experienced some impacts from the incident, FedScoop reporting shows.
‘Troubleshooting’ for impacted agencies’ IT teams
Some of the federal agencies that reported issues to FedScoop connected to the CrowdStrike incident noted specific problems with Microsoft products, including NASA and the Federal Trade Commission. Others shared more general issues without putting a product name to the problem.
An agency manager within DHS told FedScoop that some staff had trouble logging into desktop computers and had to spend the morning working on phones or through virtual desktop or web pages applications. DHS’s Federal Emergency Management Agency experienced “some” issues with its systems, but an agency spokesperson said “there are no impacts to FEMA’s critical or immediate lifesaving and life-sustaining operations. There is also no evidence of any data loss.”
The Enterprise Service Desk (ESD) at the Department of Veterans Affairs is also down, according to a person familiar with the matter, though it’s not yet clear if it’s related to the CrowdStrike flaw.
Terrence Hayes, the VA’s press secretary, told FedScoop that the agency is not currently aware of any impact on health care operations or “any adverse impact on veterans who get their care from VA.” Hayes added in a second statement that the only known impact to the VA was a partial outage of the ESD’s ability to receive incoming phone calls, though the issue is reportedly resolved.
At the Energy Department, regular operations to its website were restored late Friday morning after it appeared to be offline earlier in the day — several attempts to visit the energy.gov domain resulted in a 503 error noting that a backend fetch failed. The Energy Department did not respond to a request for comment about whether the CrowdStrike issue was related to the error message.
A National Nuclear Security Administration spokesperson told FedScoop that “DOE is working with CrowdStrike, Microsoft, and federal, state, local, and critical infrastructure partners to fully assess and address system outages.”
The Justice Department was also affected and alerted users, according to an emailed statement from a spokesperson.
“The DOJ Office of the Chief Information Officer (OCIO) is actively troubleshooting possible workarounds with Component CIOs and technical teams while CrowdStrike, the vendor, is attempting to resolve the problem,” the spokesperson said.
And in response to a request for comment, the Department of Education pointed to its post X acknowledging that users may have had difficulty reaching the agency by phone because of the current outages. The department said that all of the agency’s customer-facing services and operations are now “securely restored and operating normally.”
Quick resolutions or no impact at other agencies
Flights around the world were grounded early Friday as airline IT systems faced major disruptions. The Federal Aviation Administration said it was “closely monitoring a technical issue impacting IT systems at U.S. airlines” but did not say whether the issue had impacted government-operated systems. The agency later added that current “FAA operations are not impacted by the global IT issue” but that it is monitoring the situation.
A Nuclear Regulatory Commission spokesperson told FedScoop in an email that the agency is operating normally. Additionally, the spokesperson said that U.S. commercial nuclear facilities reported that they are operating safely.
A Treasury Department spokesperson said the agency’s mission critical systems are online and experienced “little impact” from the incident. “There were no disruptions to outgoing payments and IRS systems that experienced brief disruptions were quickly resolved. Treasury officials have been in close contact with key financial sector leadership and regulators which are collectively monitoring the incident.”
The State Department has “experienced minimal IT disruption due to the recent tech outage,” an agency spokesperson said, noting that “a help desk service was down temporarily and restored.” Other help desk communications and operations “were online and available,” the spokesperson added.
A Department of Housing and Urban Development spokesperson said the agency “was informed of the global impact and worked with our partners to quickly restore any services negatively affected by the event. HUD works diligently to ensure the security, stability, and availability of services supporting the public.”
Meanwhile, a spokesperson for the Administrative Office of the U.S. Courts said in an email that “IT officials are continuing to assess the situation, but federal courts remain operational, with no major disruptions reported.”
Other agencies are still investigating impact. A Department of Health and Human Services spokesperson, for example, told FedScoop in an email that the agency is coordinating with partners in federal, state and local government and the private sector “to assess the impact of the Crowdstrike outage on patient care and HHS systems, services, and operations.”
There could be action in Congress down the line. A spokesperson for the Senate Commerce Committee said the body was monitoring the situation. Sen. Gary Peters, D-Mich., chairman of the Senate Homeland Security and Governmental Affairs Committee, is also following the situation, FedScoop has learned.
The Government Accountability Office, an independent government agency that provides research and auditing services to Congress, has not yet been asked to review the CrowdStrike issue, the agency told FedScoop.
This story will be updated as new information becomes available.