WORLDWIDE WINDOWS WEBBED: With apologies to William Shakespeare:
As flies to wanton boys are we to the bots, they kill us for their sport.
A massive global technology outage on Friday took down airlines, medical services, TV broadcasts, banks and scores of other businesses and services around the world, a stunning example of the fragile dependence the global economy has on certain software and the cascading effect it can have when things go wrong.
At the heart of the disruption lay an update from cybersecurity provider CrowdStrike on Friday morning that sent computers into a recovery boot loop.
Microsoft pinned the global disruption on “an update from a third-party software platform” while CrowdStrike said: “This is not a security incident or cyberattack.”
Adding to the turmoil was a separate snag involving Microsoft systems.
From check-ins at airports to banking transactions, from the cancellation of elective medical procedures to buying croissants and coffee, the outage presented users with the dreadful “blue screen of death” (BSOD) error. Some services, however, resumed within a few hours.
Indian carriers like IndiGo and SpiceJet were hit. “Systems are impacted globally due to ongoing issues with Microsoft Azure,” IndiGo posted on X.
SpiceJet said that “online services including booking, check-in and manage booking functionalities” had been impacted.
Some of Akasa Air’s online services too suffered. Indian Computer Emergency Response Team, CERT-In, issued a severity rating of “critical” for the incident.
Sources in the Indian civil aviation ministry said the outage had hit booking and check-in services of several airlines, including Air India, IndiGo and SpiceJet. Several airlines resorted to manual check-in and boarding processes at the airports and requested passengers to reach airports early.
Additional employees have been deployed at Delhi airport to assist passengers and address their concerns.
The civil aviation ministry said manual backup systems had been set up to maintain operational continuity and airline and airport authorities had been directed to provide water and food to passengers affected by delays.
“I have directed airport authorities and airlines to be compassionate and provide extra seating, water and food to passengers affected by delays. All airlines have been instructed to keep passengers informed about their flight status. The ministry and the Airports Authority of India (AAI) are actively managing the situation using manual methods to ensure minimal disruption,” said civil aviation minister Ram Mohan Naidu.
Given the timing of the outage, the first reported problems were from Australia, New Zealand, Singapore and Japan. Singapore’s Changi Airport, among the most digitally advanced in the world, relies on automated machines for check-ins, baggage drops and passenger boarding.
Airport Authority Hong Kong said it had to activate its “emergency response mechanism” while Dubai International Airport, one of the world’s busiest transit hubs, was back in action after the outage hobbled the check-in process for some airlines at two of its terminals.
Patient booking services were hamstrung at some UK doctors’ practices, according to statements posted on X by medical centres. So were card payments at Waitrose stores across Britain, with cashless customers unable to buy their morning coffee and croissant. The London Stock Exchange said it could not publish news or announcements on its website.
Elective procedures were called off at Germany’s University Hospital Schleswig-Holstein medical care centre.
In the US, American Airlines, United and Delta grounded flights citing communications issues, according to the Federal Aviation Administration’s advisory page.
CrowdStrike is widely used by many businesses worldwide to manage the security of Windows PCs and servers. The company, founded in 2011 and headquartered in Austin, Texas, is one of the world’s largest providers of “endpoint” security software. The technology defends endpoints such as desktops, laptops and mobile devices “from malicious activity”.
CrowdStrike’s Falcon software is used primarily on Microsoft Windows systems, rather than Apple Macs. The Falcon system is part of Crowdstrike’s security tools and can block attacks on systems, according to the company.
George Kurtz, chief executive of the company, said: “CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted.”
The incident served to highlight the modern world’s dependence on IT and software, and also the trust companies place in various third-party vendors.
Harjinder Lallie, cybersecurity expert, University of Warwick, said in a statement: “This IT ‘catastrophe’ highlights the need for greater resilience, a greater focus on backup systems, and possibly even a need to rethink whether we are using the most resilient operating systems for such critical systems.”
Running alongside the CrowdStrike episode was an outage on Microsoft’s cloud service system, Azure. Some users were unable to access certain Microsoft 365 apps and services, including Teams videoconferencing.
The root cause appeared to be “a configuration change in a portion of our Azure backend workloads”.
Paris Olympics organisers said they were experiencing problems linked to the outage, a week before the opening ceremony.
“Paris 2024 is aware of global technical issues affecting Microsoft software. These issues are impacting Paris 2024’s IT operations,” the organisers said. The problem appears to have affected the accreditation system, with some people unable to pick up badges.
Independent cybersecurity researcher and consultant Lukasz Olejnik said it wasn’t clear how to fix computers that had already been affected by the CrowdStrike outage. He pointed to a workaround but said “it requires manually tampering with Windows systems files in recovery mode”.
CrowdStrike was in the news a few years ago when its analysts investigated the data breach affecting the Democratic National Convention in 2016.
Redburn Atlantic, which offers US and European equity research and capital markets services, had downgraded CrowdStrike’s stock to “sell” a day before the outage.
IT minister Ashwini Vaishnaw said his ministry was in touch with Microsoft and added that the National Informatics Centre (NIC) network was not affected.
In a post on X, Vaishnaw said the reason for the outage had been identified and updates had been released to resolve the issue.
“MEITY is in touch with Microsoft and its associates regarding the global outage.... The NIC network is not affected,” the minister said.
The Reserve Bank of India said the outage in Microsoft Services had impacted 10 banks and NBFCs with minor disruptions that had either been resolved or were being resolved.
Inputs from our Delhi and business bureaus and New York Times News Service