Mass IT outage hits companies around the world as planes grounded and train services affected

BouncerGuy

Super Moderator
Staff member
Joined
Aug 29, 2023
Runs
21,234
Businesses including banks, airlines, telecommunications companies, TV and radio broadcasters, and supermarkets have been taken offline following a mass global outage.

Major US airlines including American Airlines, Delta Airlines and United Airlines have been grounded, while airports in Germany and Spain are also reporting issues.

In the UK, Southern, Thameslink, Gatwick Express and Great Northern - all four of Govia Thameslink Railway's brands - said its services were experiencing widespread IT issues.

"We are unable to access driver diagrams at certain locations, leading to potential short-notice cancellations, particularly on the Thameslink and Great Northern networks," the company said.

"Additionally, other key systems, including our real-time customer information platforms, are also affected."

It comes as Microsoft said it was continuing to address the "lingering impact" of its 365 applications and services that are in a "degraded state" - it is unknown if this is the same issue affecting airports and train services across the globe.

The outage appears to be affecting Windows PCs globally, including Sky News in the UK which was not able to broadcast live TV on Friday morning.

Users on the subreddit for cyber security firm Crowdstrike reported issues in India, the United States and New Zealand.

While users in Australia began reporting issues early on Friday, stating they had been locked out of their workstations.

SOURCE: https://news.sky.com/story/mass-it-...nd-the-world-as-planes-grounded-13180809?s=08
 
Insane.. US has unchecked authority on global network and softwares with rare except of SAP on premises.
This must be the biggest global impact due to MS..
 
Microsoft outage: Aviation ministry asks airlines to inform passengers via SMS as flights get impacted

he aviation ministry has asked Indian airlines to inform passengers via texts regarding delays and cancellation of flights amid an outage of Microsoft Windows.

“Have instructed airlines to inform passengers via SMS with immediate flights on the check in delays and cancellation. Airline crew managing the situation on-ground. Airport authorities are working on an on-ground management plan due to the influx of passengers,” said a Ministry of Civil Aviation spokesperson.

This comes amid Indian airlines, including IndiGo, SpiceJet, Akasa Air issued statements about experiencing significant disruptions due to the ongoing outage with Microsoft Azure.

As a temporary measure, airlines have issued hand-written boarding passes for immediate flights. Passengers with cabin baggage have been prioritised for boarding, sources said. Airport officials have also been instructed to manage footfall at the airport.

The average delay for departure at Delhi airport is estimated to be 35 minutes, while Bengaluru and Mumbai airports are witnessing delays of 32 minutes and 40 minutes respectively, said sources.

Delhi International Airport Limited said, “Due to the global IT issue, some of the services at the Delhi Airport were temporarily impacted.We are closely working with all our stakeholders to minimise the inconvenience to our flyers. Passengers are requested to be in touch with the airline concerned or the help desk on ground for updated flight information.”

Meanwhile, the government has taken cognisance of the Microsoft outage. Senior officials of DoT and MeitY are speaking to Microsoft to resolve the outage.

Banks, media, airline and airport, company and broker operations from across the world have been impacted by the outage. The outage is believed to be from the side of CrowdStrike Engineering, a cybersecurity services firm that works with Microsoft, which has led to a major tech issue impacting millions with Windows computers worldwide.

SOURCE: https://www.businesstoday.in/indust...sms-as-flights-get-impacted-437796-2024-07-19
 
Crowdstrike and Microsoft: What we know about global IT outage

A mass IT outage has caused chaos around the world, with major banks, media outlets and airlines among the victims.

Many flights have been grounded, with queues and delays at airports, while shops and communications have also been hit.

Cyber-security firm Crowdstrike has admitted one of its updates caused the problem, which it said affected Microsoft Windows devices.

Microsoft has said it is taking "mitigation action" to deal with "the lingering impact" of the outage.

What caused this?

The boss of global cyber-security firm Crowdstrike, George Kurtz, has said the problems were caused by a "defect" in a "content update" for Microsoft Windows devices.

He added: "The issue has been identified, isolated and a fix has been deployed."

Mr Kurtz said the issues did not affect other operating systems, adding: "This is not a security incident or cyber-attack."

His statement followed widespread reports that Crowdstrike, which produces antivirus software, had issued a software update that caused Windows devices to crash.

Crowdstrike shares plunged as much as 21% in early pre-market trade. Microsoft also lost ground, as did travel and leisure stocks, as investors weighed the potential disruption for holidaymakers.

What exactly is Crowdstrike?

It's a reminder of the complexity of our modern digital infrastructure that Crowdstrike, a company that's not exactly a household name, can be at the heart of such worldwide disarray.

The US firm, based in Austin, Texas, is a listed company on the US stock exchange, featuring in both the S&P 500 and the high-tech Nasdaq indexes.

Like a lot of modern technology companies, it hasn't been around that long. It was founded a mere 13 years ago, but has grown to employ nearly 8,500 people.

As a provider of cyber-security services, it tends to get called in to deal with the aftermath of hack attacks.

It has been involved in investigations of several high-profile cyber-attacks, such as when Sony Pictures had its computer system hacked in 2014.

But this time, because of a flawed update to its software, a firm that is normally part of the solution to IT problems is instead at their origin.

In its last earnings report, Crowdstrike declared a total of nearly 24,000 customers. That's an indication not just of the size of the issue, but also the difficulties that could be involved in fixing it.

Each of those customers is a huge organisation in itself, so the number of individual computers affected is hard to estimate.

And according to those in the know, the fix will probably have to be applied separately to each and every device affected - causing a massive headache for IT departments everywhere.

Who is affected?

The problem emerged in a piecemeal fashion, with first reports coming out of Australia.

Payment systems went down at Australian stores including Woolworths, while financial institutions such as the National Australia Bank were also affected.

Then the issues spread to the US. The state of Alaska warned that its emergency services were affected, while several of the country's airlines - United, Delta and American Airlines - grounded their flights around the globe.

Australian carriers Virgin Australia and Jetstar also had to delay or cancel flights as departure screens went blank at Sydney airport.

Tokyo-Narita and Delhi airports said services had been affected. European airports reported that the outage was causing delays, with long queues reported at London's Stansted and Gatwick and Amsterdam's Schiphol.

Ryanair said it was experiencing "potential disruptions across the network", which it said were due to a third-party outage.

Broadcasters were also caught up in the chaos, including Sky News in the UK, which spent several hours off air.

As the full extent of the disruption became clear, more firms and institutions started reporting problems.

The London Stock Exchange said it was working as normal, but there were issues with its news service, used by companies to report market-sensitive information in a timely way.

Israel says 15 hospitals have switched to manual processes but this has not affected medical treatment. Ambulances are being told to take new cases to other hospitals.

And Poland’s largest container terminal, the Baltic Hub in the northern city of Gdansk, has said the outage is "hampering terminal operations" and has asked companies not to send containers to the port.

In the UK, railway companies have reported delays and said they were experiencing "widespread IT issues", while some doctors' surgeries in England reported issues with booking appointments.

The problems have extended to upmarket UK bakery chain Gail's, which has said it is currently unable to take in-store payments.

BBC
 
Almost 1,400 flights cancelled worldwide

There were around 110,000 commercial flights scheduled across the world today - as of 11:00 BST, 1,390 have been cancelled, according to aviation analytics company Cirium.

Here's a national breakdown - we hope to have up-to-date UK figures soon:

US: 512 flights cancelled so far
Germany: 92
India: 56
Italy: 45
In Canada: 21

BBC
 

Hospitals urge patients to attend as normal during IT outage​


Hospitals across the North West have urged patients to attend as normal during the worldwide IT outage.

The outage has impacted IT systems in healthcare services across the region.

Hospitals including the Countess of Chester and the Royal Liverpool have shared a message from NHS England advising people to attend appointments unless told otherwise.

NHS England said there were currently no known impact on emergency services.

"The NHS has long standing measures in place to manage the disruption, including using paper patient records and handwritten prescriptions, and the usual phone systems to contact your GP," an NHS England spokesperson said.

They advised people to only contact their GP if it was urgent, and otherwise to use the 111 online service or call 111.

In a statement issued via X, Warrington and Halton Teaching Hospitals NHS Trust said: "Please be aware of this global IT issue today which is affecting healthcare and other services.

"Services may be busier and you may have to wait longer to be seen."

The Christie cancer hospital in Manchester confirmed it had been impacted, saying it was "expected to have a small impact on chemotherapy and immunotherapy services and some internal hospital systems".

A spokesperson said patients attending for systemic anti-cancer treatments should attend as normal unless they have been contacted in advance by the team.

"All other patients who have an appointment should attend as usual," they added.

They apologised for any inconvenience or delays, adding that they were working with their suppliers and partners to resolve the issue and had plans in place to mitigate the disruption.

Further updates would be published on The Christie's website and social media channels.

The outage has also affected "a small number" of applications at Lancashire and South Cumbria NHS Foundation Trust.

Abigail Harrison, chief digital and infrastructure officer, said: "Business continuity plans have been put in place to ensure we can support patients while the issue is resolved.

"We will continue to monitor the situation and communicate with our partners."

Microsoft has said the outage began at about 18:00 ET (23:00 BST) on Thursday and was taking "mitigation actions" after service issues, the AFP news agency has reported.

 
CrowdStrike CEO says sorry for impact of outage

“We’re deeply sorry for the impact that we’ve caused to customers, to travelers, to anyone affected by this, including our companies,” CrowdStrike CEO George Kurtz said on NBC’s “Today Show” Friday. “We know what the issue is” and are working to remediate it.

He said the system was sent an update and the update had a bug in it causing a problem to Microsoft’s Windows operating system.

“It was only the Microsoft operating system” that was affected, though it didn’t happen on every Microsoft Windows system, he said.

Source: AP News
 
Insane.. US has unchecked authority on global network and softwares with rare except of SAP on premises.
This must be the biggest global impact due to MS..
It’s not due to MS. It’s a crowdstrike update for Windows. that has caused issues with systems booting up from what I gather.
If you are running crowdstrike on Linux or Mac or other non windows OS, or Windows without Crowdstrike, you are fine.
 
Hospitals and clinics in Houston, Texas affected

In Texas, Harris Health System, which runs public hospitals and clinics in the Houston area, said it had to suspend hospital visits “until further notice” on Friday due to the outage.

Elective hospital procedures on Friday were being canceled and rescheduled. Clinic appointments were initially impacted, but they returned to normal later Friday.

“Some services may not be available due to the current CrowdStrike incident. We appreciate your patience and understanding as we work through this disruption,” the health system said.

Source: AP News
 
It’s not due to MS. It’s a crowdstrike update for Windows. that has caused issues with systems booting up from what I gather.
If you are running crowdstrike on Linux or Mac or other non windows OS, or Windows without Crowdstrike, you are fine.
Yeah i mentioned that in post 6 after, as info came after that.
Ceo has apologised.
 
Nothing is more important than customer trust - Crowdstrike CEO

Crowdstrike CEO George Kurtz says "nothing is more important" to him than the trust and confidence of the cybersecurity firm's customers and partners.

In a letter, external sent to its customers and partners, Kurtz apologises for the global IT outage and says Crowdstrike "understands the gravity and impact of the situation".

"We are working closely with impacted customers and partners to ensure that all systems are restored, so you can deliver the services your customers rely on," he says.

He urges people to only engage with official Crowdstrike representatives, adding that "bad actors" will try to "exploit" the situation.

"As we resolve this incident, you have my commitment to provide full transparency on how this occurred and steps we’re taking to prevent anything like this from happening again."

Source: BBC
 
Global IT outage: CrowdStrike issue could take 'weeks' to clear as full impact is revealed

It could take "weeks" to fix a global IT outage which grounded more than 5,000 flights, an expert has warned, as the full impact of the software bug becomes clear.

The outage spread globally on Friday morning after an update from global cybersecurity firm CrowdStrike knocked many Microsoft Windows PCs offline with a "blue screen of death" appearing on screens.

The issue caused travel cancellations and left NHS systems inaccessible.

The company's founder later confirmed it was caused by a bug in the update and not a cyber attack, as some had feared.


SKY News
 
The team who coded the upgrade and the quality check department in CS gonna have a long week ahead.
 
Global services slowly recovering after bug causes IT chaos

Businesses and services around the world are slowly recovering after a massive IT outage affected computer systems for hours on Thursday and Friday.

Businesses, banks, hospitals and airlines were among the worst-hit after cyber-security firm Crowdstrike issued a faulty software update which affected Microsoft Windows.

Crowdstrike's CEO apologised for the disruption and said a fix had been issued, but admitted it could be "some time" before all systems were back up and running.

While some airline services are beginning to return to normal after thousands of flights were cancelled, operators expect some delays and cancellations to persist through the weekend.

Many businesses are now dealing with backlogs and missed orders that could take days to resolve.

Health services in Britain, Israel and Germany also suffered problems, with some operations cancelled.

The global chaos has sparked concern over the vulnerability of the world's interconnected technologies, and the extent to which a single software glitch could have such widespread impact.

The issue began at 19:00 GMT on Thursday, affecting Windows users running cybersecurity software CrowdStrike Falcon, according to Microsoft, though the full extent of the problem only became clear by Friday morning.

But by Friday evening, the problems were easing in many parts of the globe, with many airports saying that while there were still issues with check-in and payment systems, most flights were now running. Hong Kong International Airport has resumed normal operations, according to Chinese state media.

Meanwhile, JP Morgan Chase, the biggest bank in the US, said it is working to restore service to ATM machines.

The website Downdetector, which detects sites which may be having tech issues, showed fewer sites in the UK which were experiencing problems by the end of the day.

Crowdstrike CEO George Kurtz said on X that a defect was found "in a single content update for Windows hosts".

"We're deeply sorry for the impact that we've caused to customers, to travellers, to anyone affected by this, including our company," he told the NBC network.

"Many of the customers are rebooting the system and it's coming up and it'll be operational.

"It could be some time for some systems that just automatically won't recover, but it is our mission... to make sure every customer is fully recovered."

Microsoft has also said that several reboots may be required, with some users reporting that as many as 15 could be needed before the problem is fixed.

Also, tech experts say Crowdstrike's fix will have to be applied separately to each and every device affected.

Questions are likely now to be raised about Crowdstrike's influence as one of the largest operators in the cyber-security market and the wisdom of having such a crucial part of the industry controlled by just a small number of companies.

Crowdstrike's shares fell by around 12% on Friday, at the expense of rivals SentinelOne and Palo Alto Networks.

The problems were first noticed in Australia, and possibly felt most severely in the air travel industry.

Airports saw delays, with long queues as flights were cancelled or delayed, aircraft grounded and passengers stranded.

Some saw extra staff drafted in to check in passengers manually.

By 18:00 GMT, aviation data from Cirium suggested that more than 4,000 flights - or 3.9% of the total - had been cancelled so far on Friday, though the figure may also include flights cancelled for other reasons.

Payment systems, banking and healthcare providers around the world were affected.

It is thought the outage may also have a longer term effect as companies struggle to pay wages to staff, particularly where payments are made on a weekly basis.

Some railway companies warned of delays, and broadcasters Sky News and ABC Australia both experienced outages.

BBC
 

Experts warn of second wave of disruption as criminals seek to exploit chaos​

Cyber-security experts are warning of a second wave of disruption and harm that has started to come from cyber criminals hoping to capitalise on the chaos.

This morning Australian Signals Directorate (ASD), the equivalent of the UK's GCHQ or the US's National Security Agency (NSA), issued an alert about hackers sending out bogus software fixes claiming to be CrowdStrike.

"Alert! We understand a number of malicious websites and unofficial code are being released claiming to help entities recover" the notice reads.

The agency is urging IT responders to only use CrowdStrike's website to source information and help.

The ASD warning follows calls from the UK's National Cyber Security Centre (NCSC) yesterday for people to be hyper vigilante of suspicious emails or calls that pretend to be CrowdStrike or Microsoft help.

"An increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation," the agency said.

BBC
 

Airlines resume services after global IT crash wreaks havoc​


Airlines were gradually coming back online Saturday after global carriers, banks and financial institutions were thrown into turmoil by one of the biggest IT crashes in recent years, caused by an update to an antivirus program.

King Khalid International Airport in Riyadh posted a video of smooth airport operations shortly after the IT outage was fixed.

Dubai Airports said in a statement that operations were back to normal after the outage affected the check-in process for some airlines in Terminals 1 and 2.

“The affected airlines promptly switched to an alternate system, allowing normal check-in operations to resume swiftly,” the statement read.

Similarly, Kuwait International Airport reported resumption of flight operations and the technical systems of all airlines. “The swift response and activation of the emergency plan, approved by the civial aviation, helped mitigate the negative impact of this outage,” said the statement.

Passenger crowds had swelled at airports on Friday to wait for news as dozens of flights were canceled and operators struggled to keep services on track, after an update to a program operating on Microsoft Windows crashed systems worldwide.

Multiple US airlines and airports across Asia said they were now resuming operations, with check-in services restored in Hong Kong, South Korea and Thailand, and mostly back to normal in India, Indonesia and at Singapore’s Changi Airport as of Saturday afternoon.

“The check-in systems have come back to normal (at Thailand’s five major airports). There are no long queues at the airports as we experienced yesterday,” Airports of Thailand president Keerati Kitmanawat told reporters at Don Mueang airport in Bangkok.

Microsoft said the issue began at 1900 GMT on Thursday, affecting Windows users running the CrowdStrike Falcon cybersecurity software.

CrowdStrike said it had rolled out a fix for the problem and the company’s boss, George Kurtz, told US news channel CNBC he wanted to “personally apologize to every organization, every group and every person who has been impacted.”

It also said it could take a few days to return to normal.

US President Joe Biden’s team was talking to CrowdStrike and those affected by the glitch “and is standing by to provide assistance as needed,” the White House said in a statement.

“Our understanding is that flight operations have resumed across the country, although some congestion remains,” a senior US administration official said.

Reports from the Netherlands and Britain suggested health services might have been affected by the disruption, meaning the full impact might not yet be known.

Media companies were also hit, with Britain’s Sky News saying the glitch had ended its Friday morning news broadcasts, and Australia’s ABC similarly reporting major difficulties.

By Saturday, services in Australia had mostly returned to normal, but Sydney Airport was still reporting flight delays.

Australian authorities warned of an increase in scam and phishing attempts following the outage, including people offering to help reboot computers and asking for personal information or credit card details.

Banks in Kenya and Ukraine reported issues with their digital services, while some mobile phone carriers were disrupted and customer services in a number of companies went down.

“The scale of this outage is unprecedented, and will no doubt go down in history,” said Junade Ali of Britain’s Institution of Engineering and Technology, adding that the last incident approaching the same scale was in 2017.

While some airports halted all flights, in others airline staff resorted to manual check-ins for passengers, leading to long lines and frustrated travelers.

The US Federal Aviation Administration (FAA) initially ordered all flights grounded “regardless of destination,” though airlines later said they were re-establishing their services and working through the backlog.

India’s largest airline Indigo said operations had been “resolved,” in a statement posted on X.

“While the outage has been resolved and our systems are back online, we are diligently working to resume normal operations, and we expect this process to extend into the weekend,” the carrier said Saturday.

A passenger told AFP that the situation was returning to normal at Delhi Airport by midnight on Saturday with only slight delays in international flights.

Low-cost carrier AirAsia said it was still trying to get back online, and had been “working around the clock toward recovering its departure control systems (DCS)” after the global outage. It recommended passengers arrive early at airports and be ready for “manual check-in” at airline counters.

Chinese state media said Beijing’s airports had not been affected.

In Europe, major airports including Berlin, which had suspended all flights earlier on Friday, said departures and arrivals were resuming.

Companies were left patching up their systems and trying to assess the damage, even as officials tried to tamp down panic by ruling out foul play.

CrowdStrike’s Kurtz said in a statement his teams were “fully mobilized” to help affected customers and “a fix has been deployed.”

But Oli Buckley, a professor at Britain’s Loughborough University, was one of many experts who questioned the ease of rolling out a proper fix.

“While experienced users can implement the workaround, expecting millions to do so is impractical,” he said.

Other experts said the incident should prompt a widespread reconsideration of how reliant societies are on a handful of tech companies for such an array of services.

“We need to be aware that such software can be a common cause of failure for multiple systems at the same time,” said John McDermid, a professor at York University in Britain.

He said infrastructure should be designed “to be resilient against such common cause problems.”

 
Restorations are ongoing after global tech outage strands thousands at airports, disrupts hospitals and public services

Operations are gradually being restored but delays continue for a second day after “the largest IT outage in history” disrupted sectors across the globe, leaving thousands of passengers stranded at airports, emergency communication services down and blood donation centers without vital shipments.

Airlines, businesses, government agencies, health and emergency services, banks and schools and universities around the world ground to a halt or saw services disrupted due to a flawed software update for Microsoft Windows operating systems issued by the cybersecurity firm CrowdStrike, experts told CNN.

CrowdStrike’s CEO said a fix has been deployed, but experts say getting systems back in order will be a lengthy process.

The outage affected an estimated 8.5 million Windows devices, less than 1 percent of all Windows machines, according to a Saturday blog post from Microsoft. “While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services,” Microsoft said.

According to the tracking website FlightAware, more than 2,300 flights into, out of, or within the US have been canceled and more than 6,000 delayed, as of Saturday afternoon.

On Friday, more than 3,000 flights were canceled and more than 11,000 were delayed, according to FlightAware.com.

Worldwide, major airlines have said services are being restored.

A majority of United Airlines systems have recovered from Friday’s outage, the airline said in a statement.

“While most of our systems have recovered from the worldwide third-party software outage, we may continue to experience some disruption to our operation, including flight delays and cancellations,” United said.

Delta Air Lines is “continuing its operational recovery” after the outage prompted the airline to pause flying on Friday, according to a Saturday morning update. Still, over 600 Delta flights have been canceled Saturday.

“Additional cancelations are expected as some of Delta’s technology continues to recover from Friday morning’s vendor-caused issue,” the update said.

Jetstar Japan, Hong Kong Express and Cebu Pacific airlines said Saturday their operations are gradually being restored too.

Cybercriminals capitalized on the chaos by promoting fake websites filled with malicious software designed to compromise unsuspecting victims, according to warnings from the US government and multiple cybersecurity professionals.

Former McAfee CEO Dave DeWalt told CNN a group of private sector and government agencies worked overnight to “ascertain the threat” and find a solution to the global outage. The call included the Cybersecurity and Infrastructure Security Agency and other private and government organizations.

CrowdStrike CEO George Kurtz apologized to customers Friday for the outage and said the company is working with those affected.

“We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption,” Kurtz posted on X. “We are working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on.”

But it could be easier said than done: Manual restarts of individual systems take time and expertise some customers don’t have, which is why companies have been slow to recover from the outage.

Chaos continues for travelers

Frustrated passengers lined up at airports backed up with flight cancellations and delays, some missing life events like funerals and birthdays. At Atlanta’s Hartsfield-Jackson International Airport, long lines of passengers waited for assistance Saturday, with many flights still canceled or delayed.

“I was supposed to be in California for my mom’s wedding,” Richard Whitfield of Pasco County, FL told CNN’s Isabel Rosales Saturday. Whitfield and his partner, Jonathan Shade, left Tampa on Thursday and missed their connecting flight in Atlanta due to poor weather conditions, delaying their landing and forcing the plane to refuel in Tallahassee.

After their rescheduled flight on Friday was delayed many times, the couple decided to cancel the trip and just head home. But with no available flights back to Tampa, Friday night, they spent their second night in an airport hotel. They were unable to get a voucher from Delta for either of their stays.

“(Richard has) been on hold for 24 hours,” Shade told CNN. “When he eventually got his number in line, it was 2,001.”

Two hours later, Richard’s place in Delta Air Lines’ virtual customer service queue was 2,300 in line, Shade said. Delta Air Lines has reported the most cancellations, with more than 850 Delta and Delta Connection flights unable to depart.

“If we can’t do the flight, we will try for the car and if we can’t do the car, it’s just another night in a hotel and we will see what happens,” Shade said.

At last check, a rental car back to Tampa would cost the pair $600, Shade and Whitfield said. Amtrak is charging $1,000 for a one-way ticket to Tampa, they added.

Whitfield tells CNN the whole ordeal has had an impact on him. “For me, it’s been the domino effect that it has on humanity and everything that we need to survive: food, sleep, or water, housing,” he said.

After spending 48 hours in Atlanta, they found a Saturday evening flight back to Tampa they say they can only hope is not delayed or canceled. For now, there is nothing the couple can do but wait and “get a good stiff drink,” Shade and Whitfield said.

In addition to the problems at airports, the outage has also caused delays at hotels and rental car companies. Major hotels, including Marriott International and some Hiltons, were impacted both in regard to payment processing and delays to check in-processes.

Even Americans not traveling felt the effects of the outage in various facets of their everyday lives, including while trying to call 911 during emergencies in some areas, getting or renewing their driver’s licenses or shipping or receiving packages.

There were reports of 911 outages in various states, like Alaska, and cities, like Phoenix, where the system was down for hours but has since been restored.

Driver’s license offices were closed or had limited services in Texas, Tennessee, North Carolina and Georgia.

Some hospitals had to cancel appointments and surgeries

While most hospitals remained open to treat medical emergencies, some said an inability to access electronic medical records and order lab tests and prescriptions had caused them to cancel patient appointments and surgeries.

Hospital workers scrambled to provide needed care to patients without the technology they rely on.

Kim Brown was near the end of her shift Thursday night as a labor and delivery nurse at Kaiser Permanente in San Jose, California, when the hospital’s computer systems, which it relies on to care for women in labor and their babies, went down.

“All of our babies get little plastic tags that will set off an alarm if they get too close to an exit or an elevator. That went down,” Brown said. “It was unnerving because we had zero information. It was just, ‘Oh, well, everything’s out now.’”

With the outage posing a security risk to newborn babies, the hospital called security guards to sit by the elevators to keep them safe.

At the postpartum care unit in Dignity Health California Hospital Medical Center in Los Angeles, nurse Laura Topete said she ran into a roadblock trying to get analgesic drugs for a woman who was in pain after delivery, but couldn’t access the doctor’s orders to see what kind of medications she could have.

“The patient was in pain longer than she needed to be,” Topete said.

Epic Systems, a company that makes widely used electronic health records systems for hospitals and doctors’ offices, said on Friday its Nebula cloud-based platform had been impacted by the outage overnight and some services, including telehealth visits, were not available during the outage. Another electronic medical records company, Veradigm, also said its systems were impacted by the CrowdStrike outage.

A spokesperson for the US Department of Health and Human Services said it was “working to assess the impact of the CrowdStrike outage on patient care and HHS systems, services, and operations,” along with federal, state, local and private sector partners.

In addition to hospitals, blood donation centers experienced challenges and altered blood shipment methods due to flight delays. New York Blood Center, which supplies about 200 hospitals in the Northeast, initiated an emergency driving operation to distribute collected blood. And Blood Assurance was concerned for its planned shipment of at least 20 platelets — the disc-shaped fragments that help with clotting — due to flight issues.

Government agencies were at a standstill

The impacts of the global tech outage were felt across the US as countless government agencies waited for services to get back to normal.

The mayor of Portland, Oregon, issued an emergency declaration due to the ongoing outage. It affected the city’s servers in city data centers, employee computers and single sign-on to cloud services, Mayor Ted Wheeler said in a news release.

In Southern California, the disruption caused connectivity issues at the Los Angeles County Superior Court and it temporarily limited jail bookings in San Diego County, officials said.

Elsewhere, some voting locations in Arizona experienced outages in Maricopa County as early voting continued in the state’s primary, according to the Maricopa County Elections Department. The county is the fourth-most populous in the US and is home to Phoenix, the county website said.

The Social Security Administration closed its local offices to the public on Friday after the outage shut down numerous services. The agency said in a statement it expected longer wait times for the national 800 phone number, and some online services may be unavailable.

SOURCE: https://edition.cnn.com/2024/07/20/us/flights-canceled-delayed-global-it-outage/index.html
 

Global IT outage: Warning over malicious websites offering to fix devices - as experts reveal likely cause of CrowdStrike issue​


A faulty software update that caused the global IT outage likely skipped checks before being deployed, experts have said - as a warning was issued about malicious websites offering to fix devices.

An estimated 8.5 million Microsoft Windows PCs devices were affected worldwide by the update from cybersecurity firm CrowdStrike, causing delays for airports, broadcasters, hospitals and businesses.

Problems came to light quickly after the latest version of CrowdStrikes Falcon sensor software was rolled out on Friday.

The update was meant to make systems more secure against hacking, but instead caused devices to display a "blue screen of death" due to faulty code.

"What it looks like is, potentially, the vetting or the sandboxing they do when they look at code, maybe somehow this file was not included in that or slipped through," said Steve Cobb, chief security officer at Security Scorecard, as he considered the cause of the technical mishap.

Another expert, security researcher Patrick Wardle, put the problem with the update down to "a file that contains either configuration information or signatures [code that detects specific types of malicious code or malware]".

"It's very common that security products update their signatures, like once a day... because they're continually
monitoring for new malware and because they want to make sure that their customers are protected from the latest threats," Mr Wardle said.

He added that the frequency of updates "is probably the reason why [CrowdStrike] didn't test it as much".

Efforts by CrowdStrike to make clients more secure against hacking attempts further backfired as malicious websites have begun to use the incident to publish "unofficial code" claiming to fix any ongoing issues, Australia's cyber intelligence agency has warned.

On its website, the Australian Signals Directorate said its cybersecurity centre "strongly encourages all consumers to source their technical information and updates from official CrowdStrike sources only".

The country's cybersecurity minister Clare O'Neil said on social media platform X that citizens should "be on the look out for possible scams and phishing attempts".

The fallout from the outage continued to cause disruption to services in the UK into the weekend, despite CrowdStrike rolling out a fix.

NHS England warned of disruption to GP services into next week and pharmacy services were dealing with significant backlogs.

Meanwhile, travellers reported incidents of their baggage being lost at airports and delays of up to nine hours.

CrowdStrike chief executive George Kurtz said on Friday that it would be "some time" before all systems are returned to normal and industry expert Adam Leon Smith of BCS, the Chartered Institute for IT, warned it could take "weeks" for a full recovery.

 

CrowdStrike says bug in quality control process led to botched update​


A CrowdStrike software update that crashed computers globally last week hitting services from aviation to banking and healthcare was caused by a bug in the US cybersecurity firm’s quality control mechanism, the company said on Wednesday.

Friday’s outage happened because CrowdStrike’s Falcon Sensor, an advanced platform that protects systems from malicious software and hackers, contained a fault that forced computers running Microsoft’s Windows operating system to crash and show the “Blue Screen of Death.”

“Due to a bug in the Content Validator, one of the two Template Instances passed validation despite containing problematic content data,” CrowdStrike said in a statement, referring to the failure of an internal quality control mechanism that allowed the problematic data to slip through the company’s own safety checks.

CrowdStrike did not say what that content data was, nor why it was problematic. A “Template Instance” is a set of instructions that guides the software on what threats to look for and how to respond. CrowdStrike said it had added a “new check” to its quality control process in a bid to prevent the issue from occurring again.

The extent of the damage from the botched update is still being assessed. On Saturday, Microsoft said about 8.5 million Windows devices had been affected, and the US House of Representatives Homeland Security Committee has sent a letter to CrowdStrike CEO George Kurtz asking him to testify.

CrowdStrike released information to fix affected systems last week, but experts said getting them back online would take time as it required manually weeding out the flawed code.

Wednesday’s statement was in line with a widely held assessment from cybersecurity experts that something in CrowdStrike’s quality control process had gone badly wrong.

 

CrowdStrike backlash over $10 apology voucher​


CrowdStrike is facing fresh backlash after giving staff and firms they work with a $10 UberEats voucher to say sorry for a global IT outage that caused chaos across airlines, banks and hospitals last week.

The cybersecurity company - whose software update on Friday affected 8.5 million computers worldwide - said in an email to its partners that it recognised the incident had caused extra work.

"To express our gratitude, your next cup of coffee or late night snack is on us!" CrowdStrike wrote, directing people to use a code to access the $10 credit.

But the gesture was greeted by derision by some. One Reddit user branded it an "absolute clown show" while another said: "I literally wanted to drive my car off a bridge this weekend and they bought me coffee. Nice."

One LinkedIn user claiming to be a CrowdStrike partner, said: "The gesture of a cup of coffee or Uber Eats credit as an apology doesn't seem to make up for the tens of thousands lost in man hours and customer trust due to the July 19 incident."

CrowdStrike confirmed to the BBC that it sent the vouchers to "teammates and partners" who had helped customers deal with the impact of the outage.

But some people who said they had received a voucher also took to social media to say it did not work.
"Uber flagged it as fraud because of high usage rates," CrowdStrike admitted.

It comes amid growing questions over what financial compensation CrowdStrike customers and people impacted by the outage will be able to claim.

The firm has pledged to improve its software tests after a faulty content update for Windows systems caused the mass IT outage.

Its mistake resulted in problems for banks, hospitals and airlines as millions of PCs displayed "blue screens of death".

In a detailed review of the incident published on Wednesday CrowdStrike said there was a "bug" in a system designed to ensure software updates work properly.

Crowdstrike said the glitch meant "problematic content data" in a file went undetected.

The company said it could prevent the incident from happening again with better software testing and checks, including more scrutiny from developers.

The faulty update crashed 8.5 million Microsoft Windows computers around the world and George Kurtz, Crowdstrike's boss, has apologised for the impact of the outage.

But cybersecurity experts told BBC News that the review revealed the firm made "major mistakes".

"What’s clear from the post mortem is they didn't seem to have the right guardrails in place to prevent this type of incident or to reduce the risk of it occurring," said cyber-security consultant Daniel Card.

His thoughts were echoed by cybersecurity researcher Kevin Beaumont, who said the key lesson from CrowdStrike's review was that the firm doesn't "test in waves".

"They just deploy to all customers at once in a so called 'rapid response update' which was obviously a huge mistake," he said.

But Sam Kirkman from cybersecurity firm NetSPI told the BBC the review showed CrowdStrike "took steps" to prevent the outages.

He said these steps "have likely been effective to prevent incidents on countless occasions prior to last week”.

According to insurance firm Parametrix, the top 500 US companies by revenue, excluding Microsoft, had faced some $5.4bn (£4.1bn) in financial losses from the outage.

It said that only $540m (£418m) to $1.08bn (£840m) of these losses were insured.

The US government has opened an investigation into Delta Airlines' handling of the outage after it continued to cancel hundreds of flights.

Delta chief executive Ed Bastian said in a letter to customers on Wednesday it expects the airline to make a full recovery on Thursday.

Crowdstrike is set to face further scrutiny - with Mr Kurtz called to testify in front of Congress about the outage.

"This incident must serve as a broader warning about the national security risks associated with network dependency," wrote the House Committee on Homeland Security in a letter to the company on Monday.

It gave CrowdStrike until Wednesday evening to schedule a hearing.

 
CrowdStrike CEO says 97% of Windows sensors restored in IT outage recovery effort

CrowdStrike CEO George Kurtz said 97% of the company’s Windows sensors on the Falcon security platform were back online as of Thursday, though recovery from the global IT outage remains ongoing.

Kurtz said the progress was enhanced due to the development of automated recovery techniques. CrowdStrike is taking steps to prevent such an incident from happening again, he said, following the release of a preliminary incident report earlier this week.

Kurtz personally apologized to everyone affected by the outage and thanked CrowdStrike customers, partners and team members for their role in helping the recovery.

“To our customers still affected, please know we will not rest until we achieve full recovery,” Kurtz wrote in the LinkedIn post. “At CrowdStrike our mission is to earn your trust while safeguarding your operations.”

CrowdStrike issued a preliminary report late Tuesday showing an undetected error in a rapid response configuration software update in the company’s Falcon sensor led to the outage. About 8.5 million Microsoft Windows devices crashed as a result, and though that was less than 1% of Windows device deployments, it disrupted operations at major airlines, banks, hospitals and other critical organizations around the globe.

Microsoft released a separate recovery update outlining steps underway to build more resiliency into the Windows platform to make sure it can prevent such a massive outage from taking place in the future.

“This incident shows clearly that Windows must prioritize change and innovation in the area of end-to-end resilience,” John Cable, VP of Windows servicing and delivery, in a blog post Thursday. “These improvements must go hand in hand with ongoing improvements in security and be in close cooperation with our many partners, who also care deeply about the security of the Windows ecosystem.”

Cable highlighted recent efforts, including the introduction of VBS enclaves, which is a “software-based trusted execution environment inside a host application.” In January the company unveiled Microsoft Azure attestation, which is a service to help verify a platform is trustworthy and confirm the integrity of the binaries running inside of it.

The incident highlighted concerns over how a single point of failure could have disrupted such a wide swath of critical infrastructure providers in the U.S. and globally.

NetChoice sent a letter to the U.S. Senate Homeland Security and Government Affairs Committee urging a hearing with CrowdStrike and Microsoft to find out what both companies are doing to avoid such an occurrence from happening in the future.

The House Homeland Security Committee earlier this week sent a letter to Kurtz asking him to testify about the outage.

Carl Szabo, VP and general counsel at NetChoice, said the incident underscores that U.S. critical infrastructure and government systems are too dependent on Microsoft.

“Congress must additionally investigate how to diversify our technology usage and how to make sure that other competitors don’t have the same security vulnerabilities that Microsoft products have,” Szabo said via email.

SOURCE: https://www.cybersecuritydive.com/news/CrowdStrike-software-outage-CEO-Microsoft/722526/
 
CrowdStrike sued by shareholders over global outage

CrowdStrike is being sued by shareholders after a faulty update by the cybersecurity firm crashed more than eight million computers and caused chaos around the world.

The lawsuit accuses the company of making "false and misleading" statements about its software testing.

It also says the company's share price dropped 32% in the 12 days after the incident, causing a loss in market value of $25bn (£14.5bn).

CrowdStrike denies the allegations and says it will defend itself against the proposed class action lawsuit.

The suit filed in the Austin, Texas federal court, alleges that CrowdStrike executives defrauded investors by making them believe the company's software updates were adequately tested.

The lawsuit is seeking an unspecified amount of compensation for investors who owned CrowdStrike shares between 29 November and 29 July.

It cites chief executive George Kurtz, who said in a conference call on 5 March that the firm's software was "validated, tested and certified."

CrowdStrike told BBC News that its disputes the claims.

“We believe this case lacks merit and we will vigorously defend the company,” a spokesperson said.

Meanwhile, the chief executive of Delta Air Lines, Ed Bastian, has said in an interview with business news channel CNBC that the disruption caused by the outage cost the airline $500m, including lost revenue and compensation to passengers.

Delta has reportedly hired a prominent lawyer and is preparing to seek compensation from CrowdStrike.

The faulty update on 19 July crashed 8.5 million Microsoft Windows computers around the world. The outage disrupted businesses and services, including airlines, banks and hospitals.

In a detailed review of the incident, CrowdStrike said there was a "bug" in a system designed to ensure software updates worked properly.

CrowdStrike said the glitch meant "problematic content data" in a file went undetected.

The company said it could prevent a repeat of the incident with better software testing and checks, including more scrutiny from developers.

BBC
 
CrowdStrike sued by shareholders over global outage

CrowdStrike is being sued by shareholders after a faulty update by the cybersecurity firm crashed more than eight million computers and caused chaos around the world.

The lawsuit accuses the company of making "false and misleading" statements about its software testing.

It also says the company's share price dropped 32% in the 12 days after the incident, causing a loss in market value of $25bn (£14.5bn).

CrowdStrike denies the allegations and says it will defend itself against the proposed class action lawsuit.

The suit filed in the Austin, Texas federal court, alleges that CrowdStrike executives defrauded investors by making them believe the company's software updates were adequately tested.

The lawsuit is seeking an unspecified amount of compensation for investors who owned CrowdStrike shares between 29 November and 29 July.

It cites chief executive George Kurtz, who said in a conference call on 5 March that the firm's software was "validated, tested and certified."

CrowdStrike told BBC News that its disputes the claims.

“We believe this case lacks merit and we will vigorously defend the company,” a spokesperson said.

Meanwhile, the chief executive of Delta Air Lines, Ed Bastian, has said in an interview with business news channel CNBC that the disruption caused by the outage cost the airline $500m, including lost revenue and compensation to passengers.

Delta has reportedly hired a prominent lawyer and is preparing to seek compensation from CrowdStrike.

The faulty update on 19 July crashed 8.5 million Microsoft Windows computers around the world. The outage disrupted businesses and services, including airlines, banks and hospitals.

In a detailed review of the incident, CrowdStrike said there was a "bug" in a system designed to ensure software updates worked properly.

CrowdStrike said the glitch meant "problematic content data" in a file went undetected.

The company said it could prevent a repeat of the incident with better software testing and checks, including more scrutiny from developers.

BBC
Americans shareholders and their lawsuits!! :facepalm:
Clients of crowdstrike can have grounds to sue for damages caused but shareholders?
 
CrowdStrike: Company to face questions over global IT outage

GPs couldn't treat patients, people were stranded as planes couldn't get off the ground, and small businesses lost thousands in sales.

Two months on from the global IT outage on 19 July, the full impact is still only now becoming apparent.

A rogue software update by the US cybersecurity company CrowdStrike crippled up to eight and half million computers using Microsoft systems around the world.

Adam Meyers - a senior manager at CrowdStrike - will testify at the US Congress on Tuesday to explain what happened and how the company is going to prevent another disaster.

Dr David Wrigley, a GP for the past 22 years, tells the BBC that in the most serious cases, it resulted in possible delays for cancer treatments.

"It was a very difficult period of time with very little help and support," he said.

For many GPs, they were unable to use the EMIS system - a digital way of managing appointment bookings and patient records, as well as sending prescriptions to pharmacies.

The BMA said the CrowdStrike outage was "one of the toughest single days in recent times for GPs across England", with doctors forced to return to pen and paper.

At Dr Wrigley's practice, computer problems continued between Friday and Monday.

He said this created a backlog that delayed urgent tasks such as writing referral letters for patients with suspected cancers.

In some cases, this would have been delayed by "three or four days".

"You have to prioritise those and send them as soon as possible," he said.

"All the referrals we do are done electronically - that couldn’t happen."

Elsewhere, the BMA said there were also major problems in Northern Ireland.

Around 75% of GPs in Northern Ireland use the EMIS system according to Dr Frances O'Hagan, the chair of BMA’s Northern Ireland GP committee.

"We couldn't do anything for most people," she said.

"We just had to take it on the chin and get on with it."

She said GPs in Northern Ireland faced similar backlogs to colleagues in England, including a delay to suspected cancer referrals.

The Department of Health told the BBC it is in discussion with "external suppliers" to strengthen "continuity arrangements" following the CrowdStrike outage.

It says GPs had access to "local copies" of patient data from EMIS during the outage, and all other systems worked.

Professor Kamila Hawthorne, Chair of the Royal College of GPs, told the BBC it was "crucial" that there should be "safeguards in place" in the future.

In Surrey, 50 patients who were due to receive radiotherapy treatment on the day of the outage were forced to reschedule.

A spokesperson from NHS Royal Surrey Trust said all urgent cases were seen within 24 hours.

NHS England did not comment.

The UK government told BBC News contingency plans were quickly enacted, and said it is working with NHS England to help prevent similar incidents.

The 'chaos' at the airports

Melanie Cree and her husband Alan, from Bangor in Northern Ireland, were due to fly home from Corfu Airport on the day of the outage.

Travel operators were forced to cancel thousands of flights across the world - and Melanie and Alan's flight was axed.

After being taken to and from the airport several times in the next few days, they managed to fly home on Monday.

Melanie said passengers were given no food, and some ran out of medication.

"It totally ruined what should have been our dream holiday," she said.

"We have lovely memories, but we came back absolutely shattered. It was complete chaos."

Their provider Tui gave them a £400 voucher.

As Melanie and Alan struggled in Corfu, another UK family were caught up in the delays just over 500 miles (804km) away.

Laura and Malcolm Jones were struggling to return home after a holiday in Rhodes with their children.

When they were on the tarmac, the flight was cancelled. Laura told the BBC there was no information, no return of bags, and no plan.

They spent 16 hours at the airport before they were taken to a conference centre, where frustrated travellers used tablecloths as blankets.

The family paid £560 out of their own pockets to fly back to the UK a few days later.

Tui has given them a £600 voucher.

"I was looking forward to travelling abroad again after Covid, but I think I might just stick going to west Wales for a few years," Laura joked.

In a statement, Tui apologised to its customers.

But the travel company was not the only one with problems. Delta Airlines in the United States faced a huge impact.

It cancelled around 7,000 flights over five days, faces an investigation from the US authorities and is involved in several legal actions.

The small business owners

Back in the UK, small business owner Dawn Watts was caught up in the outages in a different way - her website, which provides supplies to cleaning companies and hotels, was out of action.

She estimates to have lost about £600 in sales.

"It is extremely worrying," she said.

"I am a sole trader - I can’t have this happening again."

Dawn Watts was particularly worried by the CrowdStrike outage, as she didn't have the support of a big company behind her.

Hannah Al-Khaldi, who runs a boutique fitness studio in London, faced similar issues with a non-functional website.

She estimates the outage cost her £1,000.

"It showed how many systems worldwide had put their eggs in one basket," she said.

"When one link in the chain fails, everything else goes down.

"Is there enough choice out there for providers, or was CrowdStrike the only option?"

A spokesperson from CrowdStrike told BBC News: "As we have said previously, we fully understand the gravity of the incident and apologise to everyone who was affected.

"We’re committed to using the lessons learned to better serve our customers and prevent anything like this from happening again."

SOURCE: https://www.bbc.com/news/articles/cr54m92ermgo
 
Back
Top