This afternoon, Gov. Kim Reynolds announced that Iowa’s critical IT systems have been restored and services to Iowans have resumed as normal following a global outage caused by an automatic software update from CrowdStrike, which the state uses for malware and virus protection.
“I want to thank the Department of Management’s Division of Information Technology and its security operations center for their near immediate response when the outage occurred in the middle of the night,” Governor Reynolds stated. “Iowa is fortunate to have robust cybersecurity capabilities. Today is a great example of the importance of investing in services that protect state infrastructure and improve service to Iowans.”
At this time, IT staff are continuing to restore devices used by state employees. This work is anticipated to be completed during the weekend.
The Iowa Department of Management’s Division of Information Technology operates a 24/7 security operations center. At approximately 12:30 a.m. today, the security center identified the CrowdStrike error, and a temporary fix was applied at 1:04 a.m. At approximately 1:30 a.m., a formal fix from CrowdStrike was issued. The quick action by the security team limited the initial impact of the outage to approximately 1,400 servers and 3,300 workstations, or less than 20 percent of all devices across executive branch departments.