UK

Global IT outage: What happened and when will it be fixed?

Cybersecurity firm CrowdStrike confirmed an update had affected customers using Microsoft Windows around the world.

Passengers in the South Terminal at Gatwick Airport amid reports of widespread IT outages
Passengers in the South Terminal at Gatwick Airport amid reports of widespread IT outages (Brian Lawless/PA)

Experts have warned it could take weeks for systems to fully recover from a global outage which has seen disruption including flight delays and cancellations.

A flawed update rolled out by CrowdStrike, one of the world’s largest cybersecurity providers, knocked many offline around the world on Friday, causing flight and train cancellations and crippling some healthcare systems.

Here is a closer look at what we know about the incident.

– What exactly has happened?

CrowdStrike chief executive George Kurtz confirmed the issue was caused by a “defect in a single content update for Windows hosts” – in short, a flaw in a software “sensor configuration” update pushed out to customers.

Join the Irish News Whatsapp channel

He said a fix had been deployed for a bug in an update which affected Microsoft Windows PCs, causing many to crash, some displaying the so-called “blue screen of death”, and become unusable. CrowdStrike confirmed Apple Mac and Linux users were unaffected

IT infrastructure at businesses and institutions around the world collapsed, taking many businesses and their online services offline.

In an interview with NBC’s Today Show in the US, Mr Kurtz said the incident was not a cyber attack, while a technical statement from CrimeStrike on Saturday said a “sensor configuration” had “triggered a logic error” which the company said had been corrected.

Passengers in the South Terminal at Gatwick Airport
Passengers in the South Terminal at Gatwick Airport (Brian Lawless/PA)

– What is the scale of the impact?

Substantial – around the world, banks, supermarkets and other major institutions saw services disrupted, while many businesses were unable to take digital payments or access key databases.

NHS England said “the majority of GP practices” had experienced disruption and ambulance services reported increases in 999 and NHS 111 calls from patients who were unable to contact other NHS providers, while the National Pharmacy Association said pharmacies had seen issues “including the accessing of prescriptions from GPs and medicine deliveries”.

Airlines reported being unable to process passengers and resorted to manually checking in customers at airports around the world with 167 flights departing from the UK and 171 incoming cancelled on Friday. Aviation analytics company Cirium said 5,078 flights – or 4.6% of those scheduled – were cancelled globally.

Govia Thameslink Railway warned passengers to expect disruption because of “widespread IT issues” while Sky News was forced off air briefly on Friday morning, while customers faced issues with attempting to pay using cards.

– How has CrowdStrike responded?

Mr Kurtz said he is “deeply sorry” for the situation and said CrowdStrike was “actively working” with those impacted.

Saying the issue had been “identified” and that a “fix has been deployed”, he said his team was “fully mobilised to ensure the security and stability of CrowdStrike customers”.

A person views a check-in display at Edinburgh Airport
A person views a check-in display at Edinburgh Airport (Andrew Milligan/PA)

In a letter to customers and partners, Mr Kurtz said: “We know that adversaries and bad actors will try to exploit events like this.

“I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike representatives.”

– How long will the issue take to be rectified?

Industry expert Adam Leon Smith of BCS, the Chartered Institute for IT, warned it could take “weeks” for all computers and systems to be fully restored, while Mr Kurtz said it would take “some time”.

He told NBC: “Some of the systems that aren’t recovering, we’re working with them, so it could be some time for some systems that just automatically won’t recover, but it is our mission to make sure that every customer is fully recovered and we’re not going to relent until we get every customer back to where they were and we’ll continue to protect them and keep the bad guys out of their systems.”

Cybersecurity experts said it is good news that the issue has only impacted Windows users and a fix having been deployed should mean larger IT departments can quickly begin restoring services, while Microsoft deputy chief information security officer Ann Johnson said they could not predict how long it would take to get all customers back online.

Signs of disruption are likely to remain into the weekend with the National Pharmacy Association warning pharmacy services are likely to see delays as outlets deal with a backlog of medicine deliveries while airports across the UK stressed that passengers should check with airlines for any delays or cancellations before travelling over the weekend.