Massive global IT crash hits airlines, banks, media
PARIS, France (AFP) — Airlines, banks, TV channels and other business across the globe were scrambling Friday to deal with one of the biggest IT crashes in recent years, caused by an update to an antivirus programme.
Aviation officials in the United States briefly grounded all planes, while airlines elsewhere cancelled or delayed flights, as systems running Microsoft Windows crashed.
Microsoft said the issue began at 1900 GMT on Thursday, affecting users of its Azure cloud platform running cybersecurity software CrowdStrike Falcon.
“We recommend customers that are able to, to restore from a backup from before this time,” the US software giant said in a technical update on its website.
CrowdStrike CEO George Kurtz said in a post on several social media platforms that a fix had been rolled out for the problem, describing it as a “defect found in a single content update for Windows hosts”.
Experts suggested applying the fix would not be straightforward.
And the global nature of the failure prompted some commentators to question the reliance on a single provider for such a variety of services.
Shares in CrowdStrike slumped by 20 percent in pre-market trading.
– Flight chaos –
From Amsterdam to Zurich, Singapore to Hong Kong, airport operators flagged technical issues that were disrupting their services.
Some airports told planes they could not land, while in others airline staff began checking in passengers manually.
“I’m just in limbo as to how long I’ve got to wait here,” traveller Alexander Ropicano told AFP as he waited at Sydney Airport in Australia.
The 24-year-old, flying to Brisbane to see his girlfriend, said the airline told him to “wait until the system is operational again”.
The US Federal Aviation Administration (FAA) said in a notice to airlines early on Friday that all flights “regardless of destination” were to be grounded.
But American Airlines later said that as of 0900 GMT “we have been able to safely re-establish our operation.
“We apologise to our customers for the inconvenience,” the airline said.
Major airports including Berlin, which had suspended flights earlier on Friday, said departures and arrivals were gradually resuming.
Turkish Airlines said it had cancelled 84 flights and other airlines reported booking systems had crashed.
Chinese state media, however, said Beijing’s airports had not been affected.
– ‘Common cause’ –
Companies were left patching up their systems and trying to assess the damage from the outage, even as officials tried to tamp down any panic.
“There is no evidence to suggest that this outage is the result of a cyberattack,” France’s cybersecurity agency ANSSI said.
German interior ministry spokesman Mehmet Ata blamed it on CrowdStrike’s “faulty update”.
CrowdStrike’s Kurtz said his teams were “fully mobilised” to help customers affected.
“The issue has been identified, isolated and a fix has been deployed,” he said.
But Professor Oli Buckley of Britain’s Loughborough University said it was “impractical” to expect millions of less experienced users to implement CrowdStrike’s workaround.
He said it would be a “real challenge” to ensure it was deployed across all affected systems.
And reports from both the Netherlands and Britain suggested health services may have been affected by the disruption, meaning the impact could eventually be even wider.
Media companies were also struggling, with Britain’s Sky News saying the glitch had ended its morning news broadcasts and Australia’s ABC similarly reporting a major “outage”.
Banks in Kenya and Ukraine reported difficulties with some digital services, supermarkets in Australia had issues with payments, mobile phone carriers were disrupted and customer services in a number of companies went down.
Professor John McDermid from Britain’s York University appealed for a greater awareness of how a single piece of software “can be a common cause of failure for multiple systems at the same time.
“We need to design infrastructure to be resilient against such common cause problems,” he added.