Software update at cybersecurity firm CrowdStrike caused global glitch; CEO apologies, says it wasn’t cyberattack
July 19, 2024
SYDNEY: A massive IT outage disrupted operations at companies across multiple industries on Friday, with major airlines halting flights, some broadcasters off-air and sectors ranging from banking to healthcare hit by system problems.
The cyber outage was caused after an update to a product offered by global cyberscurity firm CrowdStrike, which apparently triggered the issue, affecting customers using Microsoft’s Windows Operating System. Microsoft said later on Friday the issue had been fixed.
Banks and financial services companies from Australia to India and Germany warned customers of disruptions and traders across markets spoke of problems with executing transaction.
“We are having the mother of all global market outages,” one trader said.
In Britain, booking systems used by doctors were offline, multiple reports posted on X by medical officials said, while Sky News, one of the country’s major news broadcasters was off air, apologising for being unable to transmit live, and soccer club Manchester United said on X that it had to postpone a scheduled release of tickets.
CrowdStrike struck
In an alert to clients issued at 0530 GMT on Friday, CrowdStrike said its “Falcon Sensor” software was causing Microsoft Windows to crash and display a blue screen, known informally as the “Blue Screen of Death”. It also shared a manual workaround to rectify the issue.
Over half of Fortune 500 companies used CrowdStrike software, the US firm said in a promotional video this year.
“This is a a very, very uncomfortable illustration of the fragility of the world’s core Internet infrastructure,” said Ciaran Martin, Professor at Oxford University’s Blavatnik School of Government and former head of the UK National Cyber Security Centre.
The outages rippled far and wide.
Airports in Singapore, Hong Kong and India said the outage meant some airlines were having to check in passengers manually.
Amsterdam’s Schiphol Airport, one of Europe’s busiest, said it was affected, while airline Iberia said it had been operating manually at airports until its electronic check-in counters and online check-ins were reactivated. It said there had been some delays but no flight cancellations.
CEO says just one update wreaked havoc
CEO and president of CrowdStrike George Kurtz stated on Friday that a defect in a single content update for Windows hosts was the source of the significant disruption in his company’s system, not a security event or cyber attack.
Several industries were affected by the worldwide tech outage, which caused airlines to cancel flights, some broadcasters to go off air, and system issues in everything from banking to healthcare.
Giving an update on the system, Kurtz said his company was actively working with customers impacted by the fault.
“The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website,” he said.
He further recommended that organisations ensure they communicate with CrowdStrike representatives through official channels. “Our team is fully mobilised to ensure the security and stability of CrowdStrike customers,” he added.
His statement came hours after a major outage wrought havoc on global computer systems such as Microsoft and CrowdStrike, grounding flights in the United States, derailing television broadcasts in the UK and impacting telecommunications in Australia.
Major US air carriers including Delta, United and American Airlines grounded all flights on Friday over a communication issue, according to the Federal Aviation Administration.
Flights were suspended at Berlin Brandenburg airport in Germany due to a “technical problem”, a spokeswoman told AFP.
“There are delays to check-in, and flight operations had to be cancelled until 10:00 am (0800 GMT),” the spokeswoman said, adding that she could not say when they would resume.
All airports in Spain were experiencing “disruptions” from an IT outage that has hit several companies worldwide on Friday, the airport operator Aena said.
Hong Kong’s airport also said some airlines had been affected, with its authority issuing a statement in which it linked the disruption to a Microsoft outage.
The UK’s biggest rail operator meanwhile warned of possible train cancellations due to IT issues, while photos posted online showed large queues forming at Sydney Airport in Australia.
“Flights are currently arriving and departing however there may be some delays throughout the evening,” a Sydney Airport spokesman said.
“We have activated our contingency plans with our airline partners and deployed additional staff to our terminals to assist passengers.”
Australia’s National Cyber Security Coordinator said the “large-scale technical outage” was caused by an issue with a “third-party software platform”, adding there was no information as yet to suggest hacker involvement.
Banks, airports hit
Sky News in the UK said the glitch had ended its morning news broadcasts, while Australian broadcaster ABC similarly reported a major “outage”.
Some self-checkout terminals at one of Australia’s largest supermarket chains were rendered useless, displaying blue error messages.
New Zealand media said banks and computer systems inside the country’s parliament were reporting issues.
Australian telecommunications firm Telstra suggested the outages were caused by “global issues” plaguing software provided by Microsoft and cybersecurity company CrowdStrike.
Microsoft said in a statement it was taking “mitigation actions” in response to service issues.
It was not clear if those were linked to the global outages.
“Our services are still seeing continuous improvements while we continue to take mitigation actions,” Microsoft said in a post on social media platform X.
CrowdStrike could not immediately be reached for comment.
‘Enormous’
University of Melbourne expert Toby Murray said there were indications the problem was linked to a security tool called Crowdstrike Falcon.
“CrowdStrike is a global cyber security and threat intelligence company,” Murray said.
“Falcon is what is known as an endpoint detection and response platform, which monitors the computers that it is installed on to detect intrusions (i.e. hacks) and respond to them.”
University of South Australia cybersecurity researcher Jill Slay said the global impact of the outages was likely to be “enormous”.
Air travel hit
Air passengers around the world faced delays, cancellations and problems checking in as airports and airlines were caught up in a massive IT outage that also affected industries ranging from banks to media companies.
Out of over 110,000 scheduled commercial flights on Friday, 1,390 have been cancelled globally so far and more are expected to be called off, according to data from global aviation analytics firm Cirium.
In Edinburgh, a Reuters witness said boarding pass scanners carried a “server offline message”, with the airport saying passengers shouldn’t travel to the airport without checking their flight status online first.
Elsewhere, airports and airlines advised customers to arrive earlier than normal for flights. Analysts said the outage was likely tied to a glitch in Microsoft software used globally.