The Business Times

Flights resume after global IT crash wreaks havoc

    • Passenger crowds had swelled at airports on Friday as dozens of flights were cancelled after an update to a programme operating on Microsoft Windows crashed systems worldwide.
    • Passenger crowds had swelled at airports on Friday as dozens of flights were cancelled after an update to a programme operating on Microsoft Windows crashed systems worldwide. PHOTO: NYTIMES
    Published Sun, Jul 21, 2024 · 03:35 PM

    PLANES were gradually taking off again on Saturday (Jul 20) after global airlines, banks and media were thrown into turmoil by one of the biggest IT crashes in recent years, caused by an update to an antivirus program.

    Passenger crowds had swelled at airports on Friday as dozens of flights were cancelled after an update to a program operating on Microsoft Windows crashed systems worldwide.

    By Saturday, officials said the situation had returned virtually to normal in airports across Germany and France, as Paris prepared to welcome millions for the Olympic Games starting on Friday.

    Multiple US airlines and airports across Asia said they had resumed operations, with check-in services restored in Hong Kong, South Korea and Thailand, and mostly back to normal in India, Indonesia and at Singapore’s Changi Airport as at Saturday afternoon.

    Fortify defences

    In a Facebook post on Sunday, Singapore Digital Development and Information Minister Josephine Teo said that action must be taken to fortify defences in order to prepare for such incidents.

    She said this involves robust testing and putting in the right safeguards. Testing and red-teaming must also be prioritised and conducted across multiple levels so that appropriate safeguards can be put in place, she added. “It also involves planning for suitable responses when things go very wrong, such as putting in place business continuity plans (BCPs), which many organisations have,” she said.

    BT in your inbox

    Start and end each day with the latest news stories and analyses delivered straight to your inbox.

    She added that it was vital that everyone update their BCPs and practise them regularly, and stress-testing themselves through tabletop exercises (TTXs). “The existence of BCPs and TTXs will not eradicate crises. In fact, they exist precisely because we know that outages will happen. It’s not a matter of if, but when. Hence, we need to do as much as we can even before incidents happen so that we can recover and prevail over the disruptions.”

    CrowdStrike apologises

    Microsoft estimated on Saturday that 8.5 million Windows devices were affected in the global IT crash, adding that the number amounted to less than one per cent of all Windows machines.

    “While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services”, it said.

    Microsoft said the issue began at 1900 GMT on Thursday, affecting Windows users running the CrowdStrike Falcon cybersecurity software.

    In a Saturday blog post, CrowdStrike said it had released an update on Thursday night that had caused a system crash and the infamous “blue screen of death” fatal error message.

    CrowdStrike said it had rolled out a fix for the problem, and the company’s boss, George Kurtz, told US news channel CNBC he wanted to “personally apologise to every organisation, every group and every person who has been impacted”.

    The company also said it could take a few days for things to fully get back to normal.

    Britain’s National Health Service was hobbled by the crash on Friday, preventing doctors from accessing patient records and booking appointments.

    A “majority of systems... are now coming back online in most areas, however they are still running slightly slower than usual”, an NHS spokesperson said, warning of disruption continuing into next week.

    Media companies were also hit, with Britain’s Sky News saying the glitch had ended its Friday morning news broadcasts. Australia’s ABC also reported major difficulties.

    Australian, British and German authorities warned of an increase in scam and phishing attempts following the outage, including people offering to help reboot computers and asking for personal information or credit card details.

    Banks in Kenya and Ukraine reported issues with their digital services, some mobile phone carriers were disrupted and customer services in a number of companies went down.

    “The scale of this outage is unprecedented, and will no doubt go down in history,” said Junade Ali of Britain’s Institution of Engineering and Technology, adding that the last incident approaching the same scale was in 2017.

    Flight chaos

    While some airports halted all flights, in others airline staff resorted to manual check-ins for passengers, leading to long lines and frustrated travellers.

    Thousands of US flights were grounded, although airlines later said they were re-establishing their services and working through the backlog.

    A senior US administration official said on Friday that “our understanding is that flight operations have resumed across the country, although some congestion remains”.

    India’s largest airline Indigo said on Saturday that operations had been “resolved”, adding in a statement on X that the process of resuming normal operations would “extend into the weekend”.

    Low-cost carrier AirAsia said it was still trying to get back online and had been “working around the clock towards recovering its departure control systems”.

    Chinese state media said Beijing’s airports had not been affected.

    ‘Common cause’

    Companies were left patching up their systems and trying to assess the damage, even as officials tried to tamp down panic by ruling out foul play.

    According to CrowdStrike’s Saturday blog, the issue was “not the result of or related to a cyberattack”.

    Although CrowdStrike had rolled out a fix, many experts questioned the ease of such a process.

    “While experienced users can implement the workaround, expecting millions to do so is impractical,” said Oli Buckley, a professor at Britain’s Loughborough University.

    Other experts said the incident should prompt a widespread reconsideration of how reliant societies are on a handful of tech companies.

    “We need to be aware that such software can be a common cause of failure for multiple systems at the same time,” said John McDermid, a professor at York University in Britain.

    Infrastructure should be designed “to be resilient against such common cause problems”, he added.

    Insurance clients ready cyber claims

    Marsh, the world’s largest insurance brokerage, said that dozens of its clients are preparing to file claims in the wake of a global computing outage that disrupted airlines, banks and government agencies. 

    More than 75 of Marsh’s clients have provided notice to their cyber insurance providers about potential claims, said Meredith Schnur, the company’s cyber practice leader for the US and Canada. 

    Affected clients are primarily customers of CrowdStrike, which triggered much of the chaos with a flawed software update, though some may have suffered losses more indirectly, Schnur said.

    “We’re trying to triage the situation,” she said. “This is absolutely something that is expected to be covered under cyber insurance.”

    She added that while many organisations purchase such insurance, not all do. “There are some airlines that have it, and some airlines that don’t,” Schnur said.

    IT servicesInsuranceAirlines

    Share with us your feedback on BT's products and services

    Feedback
    Latest T-bills Treasury Bills Results & Interest NewsLatest SSB Singapore Savings Bonds NewsLatest COE Certificate of Entitlement News
    Latest Johor-Singapore SEZ NewsLatest BTO Build To Order & Sales of Balance NewsLatest STI Straits Times Index NewsLatest SGX Dividends, Share Price NewsLatest Bonds Market NewsLatest Singapore Stocks To Buy NewsLatest Singapore Economy News
    View More