Source: Reuters
Friday 19 July 2024 10:45:42
A global tech outage was disrupting operations across multiple industries on Friday, with airlines halting flights, some broadcasters off air and services from banking to healthcare hit by system problems.
While major U.S. airlines - American Airlines, Delta Airlines and United Airlines - grounded flights, other carriers and airports around the world reported delays and disruptions early on Friday.
Banks and financial services firms from Australia to India and Germany warned customers of disruptions.
In Britain, booking systems used by doctors were offline, multiple reports from medical officials on X said, while Sky News, one of the country's major news broadcasters was off air, apologising for being unable to transmit live, and soccer club Manchester United said on X that it had to postpone a scheduled release of tickets.
The former head of Britain's National Cyber Security Centre Ciaran Martin told BBC Radio that an update to a product offered by global cyberscurity firm CrowdStrike appeared to be affecting operating systems based on Microsoft's Windows Operating System.
Microsoft's MSFT.O cloud unit Azure said it was aware of the issue that impacted virtual machines running Windows OS and the CrowdStrike Falcon agent getting stuck in a "restarting state," amid an ongoing global outage.
"We're aware of an issue affecting Windows devices due to an update from a third-party software platform. We anticipate a resolution is forthcoming," a Microsoft spokesperson said.
According to an alert sent by CrowdStrike to its clients and reviewed by Reuters, the company’s "Falcon Sensor" software is causing Microsoft Windows to crash and display a blue screen, known informally as the "Blue Screen of Death".
The alert, which was sent at 0530 GMT on Friday, also shared a manual workaround to rectify the issue.
Over half of Fortune 500 companies used CrowdStrike software, the U.S. firm said in a promotional video this year.
A Crowdstrike spokesperson did not respond to emails or calls requesting comment.
There was no information to suggest the outage was a cyber security incident, the office of Australia's National Cyber Security Coordinator Michelle McGuinness said in a post on X. A British government source also told Reuters there was nothing to suggest foul play.
"The world grinding to a halt because of a global IT meltdown shows the dark side to technology," AJ Bell investment analyst Dan Coatsworth said.
"The severity of the problem boils down to how long it lasts. A few hours' disruption is unhelpful but not a catastrophe. Prolonged disruption is another matter," he said.
The outages rippled far and wide.
Airports in Singapore, Hong Kong and India said the outage meant some airlines were having to check in passengers manually.
Amsterdam's Schiphol Airport, one of Europe's busiest, said it was affected, while airline Iberia said it had been operating manually at airports until its electronic check-in counters and online check-ins were reactivated. It said there had been some delays but no flight cancellations.
Air France-KLM said its operations were disrupted.
The Dutch foreign affairs ministry told Dutch press agency ANP it had been affected. A spokesperson was not immediately available for comment.
While there were reports of companies gradually restoring their services, analysts weighed the potential of what one called the biggest ever outage in the industry and the broader economy.
"IT security tools are all designed to ensure that companies can continue to operate in the worst-case scenario of a data breach, so to be the root cause of a global IT outage is an unmitigated disaster," said Ajay Unni, CEO of StickmanCyber, one of Australia's largest cybersecurity services companies.
WHAT HAPPENED?
CrowdStrike, a U.S. cybersecurity company, is among the most popular in the world, counting more than 20,000 subscription customers around the world.
According to an alert sent by CrowdStrike to its clients and reviewed by Reuters, its widely used “Falcon Sensor” software is causing Microsoft Windows to crash and display a blue screen, known informally as the “Blue Screen of Death”.
WHY DID IT HAPPEN?
“The damage to business processes at the global level is dramatic. The glitch is due to a software update of CrowdStrike’s EDR product,” said Omer Grossman, Chief Information Officer at identity security firm CyberArk.
EDR, or Endpoint Detection and Response, is a cybersecurity product that companies place on their clients’ computers to help defend them from hackers. That software, which runs in the background on clients’ machines, or endpoints, is used by cybersecurity firms to monitor for signs of attack on their clients’ networks.
“It turns out that because the endpoints have crashed – the Blue Screen of Death – they cannot be updated remotely and the problem must be solved manually, endpoint by endpoint. This is expected to be a process that will take days,” he added.
WHY ARE SO MANY IMPACTED?
With the move to the cloud and with companies owning huge market shares, their software is running on millions of computers around the world.
“The damage to business processes at the global level is dramatic,” said Grossman.