NewsBite

Airlines resume services after global IT crash wreaks havoc

Organisations worldwide are getting back online after a global IT crash that was caused by antivirus software, as Microsoft said a return to normal is still days away.

‘They will recover’: CrowdStrike facing ramifications of major outage

Airlines, banks, broadcasters, financial institutions and health services globally are gradually resuming operations after they were thrown into turmoil by one of the biggest IT crashes in recent years, all caused by an update to an antivirus program.

Microsoft said the issue began at 1900 GMT on Thursday, affecting Windows users running the CrowdStrike Falcon cybersecurity software. The cloud computing leader said it could take a few days to return to normal.

CrowdStrike said it had rolled out a fix for the problem and the company’s founder and CEO, George Kurtz, told US news channel CNBC he wanted to “personally apologise to every organisation, every group and every person who has been impacted”.

Jetstar check-in at Brisbane Airport after CrowdStrike global IT outage, Saturday, July 20, 2024. Picture: Richard Walker
Jetstar check-in at Brisbane Airport after CrowdStrike global IT outage, Saturday, July 20, 2024. Picture: Richard Walker
George Kurtz the CEO of US-listed cyber security company CrowdStrike at the QT hotel in Sydney in 2019. Picture: Adam Yip
George Kurtz the CEO of US-listed cyber security company CrowdStrike at the QT hotel in Sydney in 2019. Picture: Adam Yip

US President Joe Biden’s team was talking to CrowdStrike and those affected “and is standing by to provide assistance as needed”, the White House said in a statement.

“Our understanding is that flight operations have resumed across the country, although some congestion remains,” a senior US administration official said.

Reports from the Netherlands and Britain suggested health services have been affected by the disruption, with the full impact not yet known.

Media companies were also hit, with Australia’s ABC reporting major difficulties in broadcasting and Britain’s Sky News saying the glitch had ended its Friday morning news broadcasts.

Australian authorities warned of an increase in scam and phishing attempts following the outage, including people offering to help reboot computers and asking for personal information or credit card details.

Major IT outage shows hackers ‘how easily’ Australia’s systems can be brought down

“What we’re hearing is that some small businesses in particular, some individuals are receiving emails from people who are pretending to be CrowdStrike or are pretending to be Microsoft, and indicating that you need to put in bank details to get access to a reboot … I ask Australians to be really cautious over the next few days about attempts to use this for phishing.”

Jetstar departure board after Brisbane Airport after CrowdStrike global IT outage, Saturday, July 20, 2024. Picture: Richard Walker
Jetstar departure board after Brisbane Airport after CrowdStrike global IT outage, Saturday, July 20, 2024. Picture: Richard Walker

By Saturday, services in Australia had mostly returned to normal, but Sydney Airport was still reporting flight delays.

Passenger crowds at international airports that swelled as peopled waited for news of flight cancellations and operators struggled to keep services on track, are starting to diminish.

Multiple US airlines and airports across Asia said they were now resuming operations, with check-in services restored in Hong Kong, South Korea and Thailand, and mostly back to normal in India, Indonesia and at Singapore’s Changi Airport as of Saturday afternoon.

Microsoft Crowdstrike outage blue screen. Picture: Supplied
Microsoft Crowdstrike outage blue screen. Picture: Supplied

GLOBAL FLIGHT CHAOS

While some airports halted all flights, in others airline staff resorted to manual check-ins for passengers, leading to long lines and frustrated travellers.

The US Federal Aviation Administration (FAA) initially ordered all flights grounded “regardless of destination”, though airlines later said they were re-establishing their services and working through the backlog.

India’s largest airline Indigo said operations had been “resolved”, in a statement posted on X.

“While the outage has been resolved and our systems are back online, we are diligently working to resume normal operations, and we expect this process to extend into the weekend,” the carrier said Saturday.

Passengers sleep where stranded as the world continues to be affected by a global technology outage attributed to a software update administered by CrowdStrike, a cybersecurity firm. Picture: AFP
Passengers sleep where stranded as the world continues to be affected by a global technology outage attributed to a software update administered by CrowdStrike, a cybersecurity firm. Picture: AFP

A passenger told AFP that the situation was returning to normal at Delhi Airport by midnight on Saturday with only slight delays in international flights.

Low-cost carrier AirAsia said it was still trying to get back online, and had been “working around the clock towards recovering its departure control systems (DCS)” after the global outage. It recommended passengers arrive early at airports and be ready for “manual check-in” at airline counters.

Chinese state media said Beijing’s airports had not been affected. In Europe, major airports including Berlin, which had suspended all flights earlier on Friday, said departures and arrivals were resuming.

Globally, more than 5000 flights were cancelled as a result of the outage.

Travellers wait in a long line to check with Delta airline representatives as to where their luggage is at the Detroit Metropolitan Wayne County Airport on July 20. Picture: Getty
Travellers wait in a long line to check with Delta airline representatives as to where their luggage is at the Detroit Metropolitan Wayne County Airport on July 20. Picture: Getty

Data from FlightRadar 24 showed extensive delays at airports were still evident around midday Saturday Australian time, particularly on the US east coast and the UK, while according to the Flight Aware site tracker, more than 43,000 flights globally had been delayed, including more than 11,000 in the US.

Gatwick Airport said it expected most flights to operate according to schedule on Saturday, but FlightRadar was showing an average delay time of over an hour.

Airports in the American midwest, throughout mainland Europe, Asia and Australia were mostly running on time, although border control and customs services in the US reported continuing processing delays.

Jetstar check-in at Brisbane Airport after CrowdStrike global IT outage, Saturday, July 20, 2024. Picture: Richard Walker
Jetstar check-in at Brisbane Airport after CrowdStrike global IT outage, Saturday, July 20, 2024. Picture: Richard Walker

In the UK, ambulance services were inundated with phone calls after GP booking systems went down, with more than 4500 emergency calls in London alone.

Health services in the Netherlands and the US also reported widespread problems.

Media companies were also struggling, with Britain’s Sky News saying the glitch had ended its morning news broadcasts and Australia’s ABC similarly reporting major difficulties.

Banks from Kenya to Ukraine reported issues with their digital services, supermarkets in Australia had problems with payments, mobile phone carriers were disrupted and customer service helplines in a number of companies went down.

A departure board shows canceled flights in the McNamara terminal at the Detroit Metropolitan Wayne County Airport on July 20, 2024, in Detroit, Michigan. Picture: AFP
A departure board shows canceled flights in the McNamara terminal at the Detroit Metropolitan Wayne County Airport on July 20, 2024, in Detroit, Michigan. Picture: AFP

‘GLITCH’ SHOWS OUR DEPENDENCE ON TECH

“The scale of this outage is unprecedented, and will no doubt go down in history,” said Junade Ali of Britain’s Institution of Engineering and Technology, adding that the last incident approaching the same scale was in 2017.

This week’s widescale disruptions triggered by the faulty software update raised fears that an actual cybersecurity event could cause global chaos and such a software ‘glitch’ had security implications.

Companies were left patching up their systems and trying to assess the damage, even as officials tried to tamp down panic by ruling out hackers or foul play.

CrowdStrike’s CEO George Kurtz said in a statement his teams were “fully mobilised” to help affected customers and “a fix has been deployed”.

But Oli Buckley, a professor at Britain’s Loughborough University, was one of many experts who questioned the ease of rolling out a proper fix.

“While experienced users can implement the workaround, expecting millions to do so is impractical,” he said.

"CrowdStrike", American cybersecurity technology company, which caused one of the biggest IT crashes in recent years. Picture: AFP
"CrowdStrike", American cybersecurity technology company, which caused one of the biggest IT crashes in recent years. Picture: AFP

Other experts said the incident should prompt a widespread reconsideration of how reliant societies are on a handful of tech companies for such an array of services.

“We need to be aware that such software can be a common cause of failure for multiple systems at the same time,” said John McDermid, a professor at York University in Britain.

He said infrastructure should be designed “to be resilient against such common cause problems”.

In a press statement, CrowdStrike CEO George Kurtz said he was committed to “provide full transparency on how this occurred and steps we’re taking to prevent anything like this happening from happening again”.

He also warned of “adversaries and bad actors” who would try to exploit the outage and urged customers “to remain vigilant”.

Shares in CrowdStrike plunged by more than 11 per cent after the outage, while Microsoft suffered a small dip of 0.7 per cent.

Add your comment to this story

To join the conversation, please Don't have an account? Register

Join the conversation, you are commenting as Logout

Original URL: https://www.couriermail.com.au/technology/crowdstrike-leaves-global-travellers-stranded-with-outage-triggering-backlog-of-issues/news-story/e8a5450951b639f5c1d5feabe12f74d9