Cyber Security

Global IT Outage: Over 5,000 Flights Cancelled; Security 'Arms Race' to Blame

20 July 2024

|

Zaker Adham

Summary

A software update has led to a worldwide IT disruption, causing flight cancellations, healthcare system issues, and potential payroll problems. The responsible firm has apologized, but experts warn that resolving the "blue screens of death" and endless loops could take weeks.

Airlines, healthcare providers, shipping companies, and financial institutions are gradually restoring their services after hours of disruption. Despite fixing the glitch, companies are now facing the daunting task of clearing backlogs of delayed and cancelled flights, medical appointments, missed orders, and other issues that may take days to resolve.

Businesses are also grappling with how to prevent future outages triggered by the very technology meant to protect their systems.

An earlier software update from global cybersecurity firm CrowdStrike, one of the industry’s largest operators, caused system failures that grounded flights, forced broadcasters off the air, and left customers without access to services like healthcare and banking.

According to CrowdStrike and the UK's National Cyber Security Centre, the incident was not a security breach or cyberattack.

The outage has brought attention to CrowdStrike, an $83 billion company with over 20,000 global subscribers, including major firms like Amazon and Microsoft.

The UK government activated its COBRA emergency response team to address the situation. Here’s a detailed look at the affected services:

Travel

Flights: As of 8 pm, more than 5,000 flights were cancelled out of 110,000 scheduled worldwide. Airports experienced long queues, but operations at Heathrow and Edinburgh are returning to normal. Ryanair advised customers with cancelled flights to leave the airports, while some airlines issued handwritten tickets. Airports like Belfast International used whiteboards for updates. US carriers grounded their planes, affecting airports globally, including those in Spain, Singapore, Hong Kong, Australia, and Germany. Train services from operators like Avanti West Coast, Great Western Railway, Southern, and Thameslink were also impacted.

Hospitals and Emergency Services

Healthcare: Patients faced difficulties booking appointments at GP surgeries across England. Pharmacies warned of continued disruptions over the weekend. The Royal Surrey NHS Foundation Trust declared a critical incident due to IT issues, while some hospitals reported delays and others continued normal operations. The London Ambulance Service saw a surge in calls to its 999 and 111 services. NHS Blood and Transplant urged people to keep their blood donor appointments due to an urgent need for O negative blood.

Businesses

Retail and Payroll: Major UK supermarkets like Tesco, Sainsbury's, Asda, Morrisons, and Waitrose experienced online service issues. A Waitrose in Hampshire accepted cash only due to what seemed to be a broader issue. Payroll software problems

affected many businesses, potentially complicating weekly payments.

CrowdStrike's Response

CrowdStrike CEO George Kurtz warned that "adversaries and bad actors" might try to exploit the outage. He urged vigilance and engagement with official CrowdStrike representatives, promising full transparency about the incident’s cause. The company is working on a technical update and root cause analysis, which will be shared publicly. Kurtz clarified that the outage was caused by a defect in a Falcon content update for Windows hosts, with Mac and Linux hosts unaffected. "All of CrowdStrike understands the gravity and impact of the situation," he said, committing to preventing similar incidents in the future.