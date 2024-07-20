Computers around the world went down on Friday, crippling transportation, health care, financial services, offices, newsrooms and live broadcasts as the world confronted what was arguably the most staggering cyber collapse to have ever occurred, leading to what may be hundreds of billions of dollars in losses. United Airlines employees wait by a departures monitor displaying a blue error screen, also known as the “Blue Screen of Death” inside Terminal C in Newark International Airport. (REUTERS)

From Nairobi to New Delhi and from Alaska to Adelaide, the impact was seen in snaking queues at airports and train stations, and on digital billboards that displayed the grimly named “blue screen of death”, an error message that Microsoft Windows-equipped computers display when a system crashes.

Airlines and airports in the US, Europe, Australia, India and elsewhere reported problems, with some 1,500 services cancelled within three hours of the outage knocking off computers used for tasks such as printing boarding passes and scheduling flights.

At 6.30pm, Ahmedabad, Kochi, Bengaluru and Delhi airport were among the worst-hit in Asia, according to FlightRadar24. The Gujarat capital had an average delay in departures extending to more than an hour while in Delhi, this was 55 minutes, with at least 43 flights delayed and 7, cancelled throughout the day.

In the national capital, domestic aviation market leader IndiGo said it cancelled 40 flights.

The glitch stemmed from a buggy software update by global cybersecurity firm CrowdStrike for Microsoft computers. Microsoft Windows has over 72% of the world’s operating systems share in personal computers, including virtual machines that many enterprises rely on for their cloud computing.

CrowdStrike’s CEO George Kurtz said on social media platform X that a defect was found “in a single content update for Windows hosts” that affected Microsoft’s customers and that a fix was being deployed.

“We’re deeply sorry for the impact that we’ve caused to customers, to travellers, to anyone affected by this, including our company,” Kurtz told NBC Today.

“Many of the customers are rebooting the system and it’s coming up and it’ll be operational,” Kurtz said. “It could be some time for some systems that won’t automatically recover.”

CrowdStrike shares plunged as much as 14.5% shortly after trading opened before paring losses to trade down 8.5%, Reuters reported. The company’s products, like many of its competitor’s, are seen as an essential security tool by enterprises at a time when ransomware is a persistent threat. The tool known as Falcon integrates deep into an operating system like Windows and thwarts the ability of malware developers to lock out users – making Friday’s global crash all the more ironic.

Microsoft said later on Friday that the issue had been fixed.

The glitch, to be sure, would have effected machines running CrowdStrike’s Falcon on Windows.

“Earlier today, a Crowdstrike update was responsible for bringing down a number of Windows systems globally. We are actively supporting customers to assist in their recovery,” Microsoft chief communications officer Frank Shaw said in a post on X.

But even as companies and institutions began restoring regular services, experts said the cyber outage revealed the risks of an increasingly online world.

“This is a very, very uncomfortable illustration of the fragility of the world’s core Internet infrastructure,” said Ciaran Martin, professor at Oxford University’s Blavatnik School of Government and former head of the UK National Cyber Security Centre, Reuters reported.

While the core problem appeared simple, which should make it short-lived, its immediate impact was remarkable, Martin added. “I’m struggling to think of an outage at quite this scale.”

In India, the worst of the outage was in the airline industry, although some hospital chains too reported disruptions that forced them to work offline --- relying on handwritten notes for patient admissions and reports.

The government was in touch with Microsoft regarding the outage, Union minister Ashwini Vaishnaw said on Friday, and added that the government’s own IT infrastructure was not affected.In a post on X, IT minister Vaishnaw said that the reason for this outage has been identified and updates have been released to resolve the issue.“MEITY is in touch with Microsoft and its associates regarding the global outage... NIC network is not affected,” the Minister said.

The first of the symptoms of something was wrong emerged from airports in the US, when red-eye flights began to be disrupted, and Australia, where grocery stores and offices started going offline. The three major US airlines -- American Airlines, Delta Air Lines and United Airlines =- grounded all flights, while other carriers and airports around the world reported delays and disruptions.

Airports in Los Angeles, Singapore, Hong Kong, Amsterdam and Berlin said some airlines were having to check in passengers manually, causing delays.

Banks and financial services companies from Australia to India and Germany warned customers of disruptions and traders across markets spoke of problems executing transactions. “We are having the mother of all global market outages,” one trader said.

As the day progressed, more and more companies reported a return to normal service, including Spanish airport operator Aena, US carriers American Airlines, Frontier and Spirit, Dubai International Airport operator and Australia’s Commonwealth Bank.

Still, industry experts weighed the potential impact for the sector of what one called the biggest ever IT outage.

“IT security tools are all designed to ensure that companies can continue to operate in the worst-case scenario of a data breach, so to be the root cause of a global IT outage is an unmitigated disaster,” said Ajay Unni, CEO of StickmanCyber, one of Australia’s largest cybersecurity services companies.

US-based CrowdStrike, with a market value of about $83 billion, is among leading cybersecurity companies, counting more than 20,000 subscribers around the world, its website showed.

CrowdStrike is well known for investigating Russian hackers. It helped to investigate the cyber attacks on the US Democratic National Committee in 2015-16, and its connection to Russian intelligence services. The same Russian group then attempted unsuccessfully to hack into CrowdStrike in 2020.

The company was even at the middle of a political controversy when former president Donald Trump appeared to ask Ukrainian president Volodymyr Zelensky about it, referring to an unproven theory that CrowdStrike’s probe into the DNC hack was dodgy.