ITV
Businesses and institutions around the world have been knocked offline after a major IT outage, believed to have been caused by a faulty update to widely used cybersecurity software.
Major infrastructure including airlines, train companies, banks and media outlets has ground to a halt after their computer systems were knocked offline or devices were left showing the so-called “Blue Screen of Death” (BSOD).
In the UK, Sky News went off air, while Britain’s biggest train company warned passengers to expect disruption because of “widespread IT issues”, as did many major airlines and airports.
Around the world, banks, supermarkets and other major institutions reported computer issues disrupting services, while many businesses have been left unable to take digital payments.
Microsoft has confirmed it was aware of and fixing issues with its cloud platform, Azure, but many cybersecurity experts have reported the potential source of the issue as global cybersecurity firm CrowdStrike, which provides cyber attack monitoring and protection to many major businesses.
Experts have said a flawed update to CrowdStrike’s Falcon Sensor software could be the source of the problem.
CrowdStrike has not yet publicly confirmed any issue.
Overnight, Microsoft confirmed it was investigating an issue with its services and apps, with the tech giant’s service health website warning of “service degradation” that meant users may not be able to access many of the company’s most popular services, used by millions of businesses and people around the world.
Cybersecurity expert Troy Hunt also reported seeing issues at CrowdStrike, with Australian telecoms firm Telstra posting to X, formerly Twitter, that the worldwide outage was “because of a global issue affecting both Microsoft and CrowdStrike”.
Among the impacted firms are Ryanair, with the airline posting to its website: “Potential disruptions across the network (Fri 19 July) due to a global third party system outage.
“Affected passengers will be notified and any passengers travelling across the network on Fri 19 July should check their Ryanair app for the latest updates on their flight.
“We advise passengers to arrive at the airport three hours in advance of their flight to avoid any disruptions.
“We regret any inconvenience caused to passengers by this third party IT issue, which is outside of Ryanair’s control and affects all airlines operating across the network.”
Edinburgh Airport said the IT outage is causing longer waiting times.
A spokesperson said: “An IT system outage means wait times are longer than usual at the airport.
“This outage is affecting many other businesses, including airports.
“Work is ongoing to resolve this and our teams are on hand to assist where we can. Passengers are thanked for their patience.”
Meanwhile, Govia Thameslink Railway (GTR) – parent company of Southern, Thameslink, Gatwick Express and Great Northern – warned passengers to expect delays because of the issue.
According to service status monitoring website Downdetector, users were reporting issues with the services of Visa, BT, major supermarket chains, banks, online gaming platforms and media outlets.
Cybersecurity experts said that the widespread access CrowdStrike’s Falcon Sensor had to business systems meant an issue with the platform would have widespread effects.
Toby Murray, associate professor in the School of Computing and Information Systems at the University of Melbourne, said: “CrowdStrike Falcon has been linked to this widespread outage. CrowdStrike is a global cybersecurity and threat intelligence company.
“Falcon is what is known as an Endpoint Detection and Response (EDR) platform, which monitors the computers that it is installed on to detect intrusions – hacks – and respond to them. That means that Falcon is a pretty privileged piece of software in that it is able to influence how the computers it is installed on behave.
“For example, if it detects that a computer is infected with malware that is causing the computer to communicate with an attacker, then Falcon could conceivably block that communication from occurring. If Falcon is suffering a malfunction then it could be causing a widespread outage for two reasons – one: Falcon is widely deployed on many computers, and two: because of Falcon’s privileged nature.
“Falcon is a bit like anti-virus software: it is regularly updated with information about the latest online threats – so it can better detect them. We have certainly seen anti-virus updates in the past causing problems e.g. here.
“It is possible that today’s outage may have been caused by a buggy update to Falcon.”