Services across various sectors, including airlines, healthcare, shipping, and finance, began to recover late on Friday after a security software update error caused hours-long global computer system outages. Following the resolution of the outage, companies faced backlogs of delayed and cancelled flights, medical appointments, missed orders, and other issues that could take days to resolve. Businesses are now confronted with questions about how to prevent future blackouts caused by technology intended to protect their systems.
In India, SpiceJet said late on Friday that all its systems at airports, ticket bookings and call centres are up and running smoothly after a "successful resolution" of a Microsoft outage that impacted the aviation industry all through the day. "The technical outage has been fully resolved, and all our systems are back to normal operations," SpiceJet Chairman and Managing Director Ajay Singh said in a statement.
Budget carrier Akasa Air said late on Friday it "successfully" navigated a daylong system outage. "While the global systems downtime of reservations, check-in and boarding systems posed an unprecedented operational challenge to our ground services team, Akasa Air confirms that all its scheduled flights on Friday operated with minimum disruptions and nil cancellations," the airline said in a statement.
Meanwhile, Indigo said that “the global outage that led to operational difficulties is nearly resolved, and our teams have made significant progress in restoring normal operations. However, customers may still experience delays and schedule disruptions over the weekend.”
What caused the problem?
A software update by global cybersecurity firm CrowdStrike, one of the largest operators in the industry, triggered systems problems that grounded flights, forced broadcasters off air and left customers without access to services such as healthcare or banking.
CrowdStrike is not a household name but it is an $83 billion company with more than 20,000 subscribers around the world including Amazon.com and Microsoft. CrowdStrike CEO George Kurtz said on social media platform X that a defect was found "in a single content update for Windows hosts" that affected Microsoft customers. "We're deeply sorry for the impact that we've caused to customers, to travellers, to anyone affected by this, including our company," Kurtz told NBC News.
CrowdStrike has one of the largest shares of the highly competitive cybersecurity market, leading some industry analysts to question whether control over such operationally critical software should remain with just a handful of companies.
Quality checks not deployed
Security experts said CrowdStrike's routine update of its widely used cybersecurity software, which caused clients' computer systems to crash globally on Friday, apparently did not undergo adequate quality checks before it was deployed.
The latest version of its Falcon Sensor software was meant make CrowdStrike clients' systems more secure against hacking by updating the threats it defends against. But faulty code in the update files resulted in one of the most widespread tech outages in recent years for companies using Microsoft's Windows operating system.
The outage also raised concerns that many organizations are not well prepared to implement contingency plans when a single point of failure such as an IT system, or a piece of software within it, goes down. But these outages will happen again, experts say, until more contingencies are built into networks and organizations introduce better back-ups.
CrowdStrike shares closed down 11%. Its rivals SentinelOne shares closed up 8% and Palo Alto Networks closed up 2%. Microsoft closed down 0.7%. The scale of the outage was massive, but not yet quantifiable because it involved only systems that were running CrowdStrike software, said Ann Johnson, who heads Microsoft's security and compliance business.
"We have hundreds of engineers right now working directly with CrowdStrike to get customers back online," she said.
US President Joe Biden was briefed on the outage, a White House official said. The US Cybersecurity and Infrastructure Security Agency said it observed hackers using the outage for phishing and other malicious activities. US Customs and Border Protection said it was experiencing processing delays and working to mitigate issues related to international trade and travel. The Dutch and United Arab Emirates' foreign ministries also reported disruptions.
Wall Street's main indexes fell on Friday, deepening a sell-off driven by tech stocks and mixed earnings. The Cboe Volatility index, known as Wall Street's "fear gauge," hit its highest level since early May, and the dollar climbed as the worldwide cyber outage unnerved investors.
Global shipper FedEx faced major disruptions and some moderators who police content on Meta's Facebook were hit.
Thousands of flights cancelled in US
Air travel was immediately hit, because carriers depend on smooth scheduling that, when interrupted, can ripple into lengthy delays. Out of more than 110,000 scheduled commercial flights on Friday, 5,000 were cancelled globally with more expected, according to aviation analytics firm Cirium.
Delta Air Lines was one of the hardest hit, with 20% of its flights cancelled, according to flight tracking service FlightAware. The US carrier said it expected additional delays and cancellations potentially through the weekend. Airports from Los Angeles to Singapore, Amsterdam and Berlin said airlines were checking in passengers with handwritten boarding passes, causing delays.
Banks and financial services companies warned customers of disruptions and traders across markets spoke of problems executing transactions. Insurers could face a raft of business interruption claims.
US healthcare providers reported that outages were affecting call centers, patient portals and other operations. Mass General Brigham in Boston said it was treating only urgent cases while Tufts Medical Center warned that patients might experience delays or need to be rescheduled.
In Britain, booking systems used by doctors were offline, posts on X by medical officials said, while Sky News, one of the country's major broadcasters, was taken off the air.
As the day progressed, more companies reported a return to normal service, including Spanish airport operator Aena, US carriers United Airlines and American Airlines, and Australia's Commonwealth Bank. US Transportation Secretary Pete Buttigieg said system issues appeared to be resolving and transportation would hopefully be back to normal by Saturday.
(With Reuters inputs.)