KUALA LUMPUR – Planes began gradually taking off again on Saturday after a major IT crash caused widespread disruption across global airlines, banks, and media outlets.
The disruption was caused by an update to an antivirus programme.
Passenger crowds swelled at airports on Friday as dozens of flights were cancelled due to a global systems crash caused by an update to a Microsoft Windows programme.
By yesterday, officials said that the situation had returned to near normal in airports across Germany and France as Paris prepared to welcome millions for the Olympics starting on Friday, according to AFP.
Multiple US airlines and airports across Asia said they had resumed operations, with check-in services restored in Hong Kong, South Korea, and Thailand and mostly back to normal in India, Indonesia, and Singapore as of yesterday afternoon.
Microsoft estimated on Saturday that 8.5 million Windows devices were affected by the global IT crash, adding that the number amounted to less than one percent of all Windows machines.
“While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services”, it said.
Microsoft said the issue began at 1900 GMT on Thursday, affecting Windows users running the CrowdStrike Falcon cybersecurity software.
In a blog post, CrowdStrike said it had released an update on Thursday night that had caused a system crash and the infamous “blue screen of death” fatal error message.
CrowdStrike said it had rolled out a fix for the problem, and the company’s boss, George Kurtz, told US news channel CNBC he wanted to “personally apologise to every organisation, every group, and every person who has been impacted.”
The company also said it could take a few days for things to fully get back to normal.
Britain’s National Health Service was hobbled by the crash on Friday, preventing doctors from accessing patient records and booking appointments.
A “majority of systems… are now coming back online in most areas; however, they are still running slightly slower than usual,” an NHS spokesperson said, warning of disruption continuing into next week.
Media companies were also hit, with Britain’s Sky News saying the glitch had ended its Friday morning news broadcasts. Australia’s ABC also reported major difficulties.
Australian, British, and German authorities warned of an increase in scam and phishing attempts following the outage, including people offering to help reboot computers and asking for personal information or credit card details.
Banks in Kenya and Ukraine reported issues with their digital services; some mobile phone carriers were disrupted, and customer service at a number of companies went down.
“The scale of this outage is unprecedented and will no doubt go down in history,” said Junade Ali of Britain’s Institution of Engineering and Technology, adding that the last incident approaching the same scale was in 2017.
While some airports halted all flights, in others, airline staff resorted to manual check-ins for passengers, leading to long lines and frustrated travellers.
Thousands of US flights were grounded, although airlines later said they were re-establishing their services and working through the backlog.
A senior US administration official said Friday that “our understanding is that flight operations have resumed across the country, although some congestion remains.”
India’s largest airline, Indigo, said Saturday that operations had been “resolved”, adding in a statement on X that the process of resuming normal operations would “extend into the weekend.”
Low-cost carrier AirAsia said it was still trying to get back online and had been “working around the clock towards recovering its departure control systems.”
Chinese state media said Beijing’s airports had not been affected.
Companies were left patching up their systems and trying to assess the damage, even as officials tried to tamp down panic by ruling out foul play.
According to CrowdStrike’s Saturday blog, the issue was “not the result of or related to a cyberattack.”
Although CrowdStrike had rolled out a fix, many experts questioned the ease of such a process.
“While experienced users can implement the workaround, expecting millions to do so is impractical,” said Oli Buckley, a professor at Britain’s Loughborough University.
Other experts said the incident should prompt a widespread reconsideration of how reliant societies are on a handful of tech companies.
“We need to be aware that such software can be a common cause of failure for multiple systems at the same time,” said John McDermid, a professor at York University in Britain.
Infrastructure should be designed “to be resilient against such common cause problems,” he added. – July 21, 2024