A huge global IT outage has caused widespread disruption across multiple sectors, impacting banks, businesses, airlines, the London Stock Exchange, media broadcasters and more.
Our modern world is built around IT, with computer systems and automation programs managing the vast amounts of data required for businesses and industries to function. While viruses and malware pose significant threats, we rely heavily on cybersecurity to protect us. However, when the companies responsible for safeguarding our essential systems make mistakes, the damage can be just as severe.
Businesses and travel in turmoil
The outage has forced numerous businesses offline, severely disrupting operations in several countries, including Australia, Germany, the UK, India, Japan, and the US. Major airports have been affected, with boarding screens going offline and chaos ensuing at public transport stations.
The Bank of England said a ‘global payments issue’ is delaying high-value payments, including house purchases, processed through the national real-time gross settlement system Chaps.
“The outage of the UK’s large-value payment system, Chaps, highlights the critical need for payment firms to enhance their security measures and operational resilience. These disruptions, which affect high-value transactions such as house purchases, significantly undermine industry trust and stability. With the Bank of England reporting a ‘global payments issue’ delaying these essential payments, the urgency for robust and reliable payment systems has never been more apparent. While less likely to be felt as quickly by the consumer as the recent outages with contactless payment systems that affected the high street, the implications of these high-value transactions are much more acutely felt by the average person.
Chaps processes over £300 billion in transactions daily, and any interruption can have profound economic implications. Despite assurances from the Bank that retail payment systems remain unaffected, the recurrence of such outages—three major incidents in the past decade—raises serious concerns about the infrastructure’s reliability. The central bank’s ongoing efforts, including working closely with third-party suppliers and other authorities, are crucial, yet the persistent issues call for a more rigorous approach to contingency planning and crisis management.”
Further, South Western Railway (SWR) in the UK tweeted, “Due to IT issues across the South Western Railway network all ticket vending machines are currently non-operational. Please purchase your ticket online, on the train, or speak to a member of station staff. We apologise for the inconvenience this causes.”
Media broadcasters and stock exchanges hit
Media broadcasters in the UK and Australia have also been impacted by the outage. Windows users around the world reported that their computers were showing the operating system’s Blue Screen of Death. The issue has affected airports, television news stations, financial institutions, emergency services and many other industries and companies globally, including the London Stock Exchange, Mumbai Airport in India and many airlines.
The London Stock Exchange announced on its website, “RNS news service is currently experiencing a 3rd party global technical issue, preventing news from being published on www.londonstockexchange.com. Technical teams are working to restore the service. Other services across the Group, including London Stock Exchange, continue to operate as normal.”
The exchange’s parent company, Workspace, suffered an outage affecting user access worldwide.
Kumar Ritesh, CEO & Founder of CYFIRMA, an external threat landscape management company, said, “The massive outage in Microsoft systems caused by CrowdStrike updates was due to a compatibility issue between CrowdStrike’s Falcon sensor and a Windows update. When the CrowdStrike sensor, a critical endpoint protection agent, was updated, it conflicted with changes introduced in the latest Windows update. Such incidents underscore the importance of rigorous compatibility testing between security solutions and operating system updates to prevent widespread disruptions.”
He also highlighted that there are measures that can be put in place to avoid such disruptions. “Before deploying any security update or software patch, create a testing environment that mirrors production systems.” He also advised testing the update thoroughly in this environment to identify any compatibility issues or unexpected behavior.
“Avoid deploying updates across all systems simultaneously. Instead, roll them out gradually to a subset of machines. Monitor these systems closely for any adverse effects. If everything looks good, proceed with a wider rollout. Regularly back up critical systems so that in case an update causes problems like the current situation with CrowdStrike updates, you can restore the system to a previous state. Ensure backups are tested and reliable.”
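The staged rollout described above, sketched as an added example (not code from the article or from any vendor): an update moves ring by ring, a health probe runs after each ring, and a failing ring is restored and the rollout halted. The ring names, hosts, `os_build` attribute and failure mode are constructed for illustration, and the restore step assumes a tested known-good version is available.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Host:
    name: str
    os_build: str          # constructed attribute read by the sample health probe
    version: str = "1.0"   # agent version currently installed
    previous: str = ""     # last known-good version, kept for rollback
    healthy: bool = True

@dataclass
class RolloutResult:
    completed: list = field(default_factory=list)
    halted_at: Optional[str] = None
    rolled_back: list = field(default_factory=list)

def staged_rollout(rings, new_version, probe, max_failure_ratio=0.0):
    # Update one ring at a time; stop at the first ring whose failure ratio is too high.
    result = RolloutResult()
    for ring_name, hosts in rings:
        for h in hosts:
            h.previous, h.version = h.version, new_version
            h.healthy = probe(h)                 # monitor the host after the update
        failed = sum(1 for h in hosts if not h.healthy)
        if hosts and failed / len(hosts) > max_failure_ratio:
            for h in hosts:                      # restore the whole ring (assumes tested backups)
                h.version, h.healthy = h.previous, True
                result.rolled_back.append(h.name)
            result.halted_at = ring_name
            return result                        # later rings are never touched
        result.completed.append(ring_name)
    return result

def probe(host):
    # Constructed failure mode: version 2.0 breaks hosts running OS build "B".
    return not (host.version == "2.0" and host.os_build == "B")

def demo():
    rings = [  # constructed fleet: staging happens to lack any build "B" host
        ("staging", [Host("stg-1", "A"), Host("stg-2", "A")]),
        ("canary", [Host("can-1", "A"), Host("can-2", "B"), Host("can-3", "A")]),
        ("broad", [Host(f"prod-{i}", "B" if i % 2 else "A") for i in range(1, 6)]),
    ]
    result = staged_rollout(rings, "2.0", probe)
    untouched = [h.name for _, hs in rings for h in hs if h.version == "1.0" and not h.previous]
    return result, rings, untouched

if __name__ == "__main__":
    print(demo()[0])
```

In this run the staging ring passes because it has no host with the affected build, the canary ring catches the failure, and the five hosts in the broad ring never receive the update.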
Healthcare services affected
Healthcare providers in the UK have reported issues accessing their clinical software.
Due to the chaos, individuals have struggled to schedule appointments with their doctors, and train passengers have been warned about potential lengthy delays caused by the malfunctioning IT systems.
Commenting on the disruption, Marc Porcar, CEO of QR Code Generator, said: “The recent Microsoft IT outage serves as a clear indication of the risks associated with relying heavily on digital technology. Apart from the current issues like disruptions in operations and a surge in interest towards rival companies, there could be lasting effects on customer connections and business strategies within the tech sector. It’s crucial for both Microsoft and its competitors to tread carefully in order to tackle these challenges and make the most of new possibilities.”
Microsoft and cybersecurity experts respond
Microsoft stated the outage began around 12 am CET on Friday, affecting multiple Azure services in the Central US region. Azure is a cloud computing platform for building, deploying, and managing applications and services.
Cybersecurity experts at CrowdStrike identified their antivirus software as the source of the problem. Dmytro Tereshchenko, Head of Information Security at Sigma Software Group, commented, “The CrowdStrike failure has significantly impacted many organisations globally. This includes critical sectors such as banking, stock exchanges, airports, and emergency services. Recovery protocols are in place for those affected, though a comprehensive restoration across many entities will likely be a protracted process.”
Tereshchenko noted that for cybersecurity professionals, this incident underscores a known issue within highly interconnected supply chains. “A disruption to any key supplier can indeed have extensive repercussions, affecting a broad spectrum of systems and services.”
Lessons for cybersecurity
Al Lakhani, CEO of IDEE, emphasised the importance of businesses thoroughly researching and vetting their cybersecurity solutions. “Microsoft clearly fell short in this regard, and we are witnessing a cascade of operational failures around the world as a result. CrowdStrike’s platform approach, which relies on a single agent focused on detection, might seem good at first glance, but as we can see, it can create significant issues.”
Lakhani highlighted the risks of relying on agents that require installation and maintenance on multiple operating systems, adding layers of complexity and potential failure points. “The lesson here is blindingly obvious: investing in cybersecurity is not just about acquiring the latest or most popular tools but ensuring those tools are reliable and resilient. This is why businesses must prioritise agentless solutions like MFA 2.0, which reduce the risk of widespread failures and ensure more resilient defences.”
As the situation unfolds, affected organisations are working diligently to restore normal operations. This incident serves as a stark reminder of the vulnerabilities in our interconnected digital world and the critical importance of robust cybersecurity measures.