Get all your news in one place.
100’s of premium titles.
One app.
Start reading
The Independent UK
The Independent UK
Technology
Andy Gregory and Andrew Griffin

Massive outage causes worldwide chaos as software firm warns full fix could take ‘some time’

Getty

Support truly
independent journalism

An unprecedented global computer outage caused major chaos across Britain and around the world without warning on Friday – grounding thousands of flights, knocking TV stations off air, and leaving patients unable to see doctors.

Microsoft computer systems were crippled by a humble security update that brought some of the world’s biggest companies to a halt and caused disruption on a scale experts likened to the much-feared Millennium Bug that failed to materialise 24 years ago.

Affected Windows PCs were left unusable, showing a “blue screen of death” error message.

The chief executive of CrowdStrike, the firm that issued the faulty software update, said he was “deeply sorry” but warned it would take “some time” for systems to be fully restored.

In Britain, the chaos included:

  • 3,700 GP practices – around 60 per cent – hit by disruption to appointment bookings and other services
  • The FTSE100 dropped 0.8 per cent
  • Almost 300 flights cancelled, out of almost 5,000 worldwide
  • Nearly all independent pharmacies affected
  • Sky News among channels unable to broadcast

The bug’s ramifications were on a scale not seen before. Banks, supermarkets and other institutions reported disruption, while many businesses were unable to take digital payments or access key databases.

Airports, which use myriad PC systems for managing customers and equipment, were among the worst-hit. On what was set to be UK airports’ busiest day in five years, some 50,000 passengers who were planning to fly to or from Britain on Friday will wake up on Saturday where they did not intend to be.

Passengers queue by the Ryanair check-in desk at London Stansted Airport (PA)

Huge queues formed at affected airports, with Gatwick staff forced to manually check in passengers for flights. Heathrow Airport said on Friday afternoon it was still “working hard” to get passengers “on their way”.

In a further dramatic symptom of the outage, CBBC and Sky News were both rendered unable to broadcast on Friday morning, with news presenters forced to use printed notes once the channel returned to air after more than an hour’s blackout.

And health secretary Wes Streeting begged patients to “bear with” their GPs as some 3,700 practices – around 60 per cent of all surgeries – were hit by disruption to appointment bookings and prescribing.

Ambulance services reported a “huge” surge in demand as people also struggled to access the NHS app, while some hospitals suffered administrative issues – with Royal Surrey NHS Foundation Trust declaring a critical incident and cancelling radiotherapy appointments.

People trying to access the NHS app also encountered problems (PA Wire)

The National Pharmacy Association, which represents many of the UK’s 9,000 independent community pharmacies, told The Independent the outage was “affecting nearly all of our members in some way”.

Govia Thameslink Railway – the UK’s busiest train operator, which runs the Southern, Thameslink, Gatwick Express and Great Northern services around London – also said it was experiencing “widespread IT issues”.

Tracking website Down Detector registered outages and problems at a huge array of other companies, including Visa, Mastercard, Amazon, Ryanair, Ladbrokes and BT.

The worldwide meltdown is “unprecedented in the range and scale of systems it has impacted”, warned cybersecurity expert Dr Harjinder Lallie, an associate professor at the University of Warwick.

“I’ve never seen anything like this before,” said Dr Lallie. “We had the NHS, WannaCry (ransomware attack), that was serious. But this is planes, TV stations, it’s such a massive impact.”

Billboards in New York’s Times Square went blank as the IT outage hit (WNYW)

Dr Lallie warned that “this IT ‘catastrophe’ highlights the need for greater resilience, a greater focus on back-up systems, and possibly even a need to rethink whether we are using the most resilient operating systems for such critical systems”.

With many retailers across the globe reporting issues with digital payments, Andrew Goodacre, chief of the British Independent Retailers Assocation, told The Independent that major IT issues seem “to be happening all too often”.

“Independent retailers don’t have the kind of resources that you might find in a large chain, but they still need the same level of protection. This can make them more vulnerable when such IT failures occur,” he said.

While it remained unclear how many retailers were affected overall, a British Retail Consortium spokesperson said most has resumed trading as normal.

Shops reported not being able to take card payments amid the IT outage (Richard Woodward/PA))

CrowdStrike, which provides cyber attack monitoring and protection to many major businesses, said the problem was caused by a “defect found in a single content update for Windows hosts”, adding that it was not a security incident or cyber attack.

Its stock value fell 12 per cent in early trading on Friday after Elon Musk dubbed it the “biggest IT fail ever”.

Chief executive George Kurtz said: “We’re deeply sorry for the impact that we’ve caused to customers, to travellers, to anyone affected by this.

“We’ve been on with our customers all night and working with them - many of our customers are rebooting the system and it’s coming up and operational because we fixed it on our end., Some of the systems that aren’t recovering, we’re working with them, so it could be some time for some systems that just automatically won’t recover, but it is our mission to make sure that every customer is fully recovered and we’re not going to relent until we get every customer back to where they were and we’ll continue to protect them and keep the bad guys out of their systems.”

He added: “Software is a very complex world and there's a lot of interactions, and always staying ahead of the adversary is a tall task."

Adam Leon Smith of BCS, the Chartered Institute for IT, warned that it could even take “weeks” for all computers and systems to be fully restored, saying: “The fix will have to be applied to many computers around the world.

“So if computers are getting blue screens and endless loops, it could be more difficult and take days and weeks.”

Professor Ciaran Martin, the founding chief executive of the National Cyber Security Centre (NCSC) said the incident was an "incredibly powerful illustration of our global digital vulnerabilities and the fragility of core Internet infrastructure."

Prof Martin, who now works at the University of Oxford, said it was hard to estimate how long it would take to recover from the outage.

“The underlying problem is fixed and the fixes are being implemented. Some industries can recovery quickly. But others like aviation will have long backlogs. That said, I'd be surprised if we were still facing serious problems this time next week.”

He added that the cyber industry also needed to get better at “finding and fixing these single points of failure across all core digital infrastructure”.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.