An unprecedented global computer outage caused major chaos across Britain and around the world without warning on Friday – grounding thousands of flights, knocking TV stations off air, and leaving patients unable to see doctors.
Microsoft computer systems were crippled by a humble security update that brought some of the world’s biggest companies to a halt and caused disruption on a massive scale, with experts likening it to the much-feared millennium bug that failed to materialise 24 years ago.
Affected Windows PCs were left unusable, showing a “blue screen of death” error message.
The chief executive of CrowdStrike, the firm that issued the faulty software update, said he was “deeply sorry” but warned that it would take “some time” for systems to be fully restored.
In Britain, the chaos included:
-
3,700 GP practices – around 60 per cent – being hit by disruption to appointment booking and other services
-
The FTSE 100 dropping 0.8 per cent
-
Almost 300 flights being cancelled, with around 5,000 cancelled worldwide
-
Nearly all independent pharmacies being affected
-
Sky News and other channels being unable to broadcast
The bug’s ramifications were on a scale not seen before. Banks, supermarkets and other institutions reported disruption, while many businesses were unable to take digital payments or access key databases.
Airports, which use myriad PC systems for managing customers and equipment, suffered some of the worst effects. On what was set to be the busiest day for UK airports in five years, some 50,000 passengers who were planning to fly to or from Britain on Friday were unable to do so.
Huge queues formed at the affected airports, with Gatwick staff forced to check in passengers manually for flights. Heathrow airport said on Friday afternoon that it was still “working hard” to get passengers “on their way”.
In another dramatic consequence of the outage, CBBC and Sky News were both rendered unable to broadcast on Friday morning, with news presenters forced to use printed notes once the channel returned to air after more than an hour’s blackout.
And health secretary Wes Streeting begged patients to “bear with” their GPs as some 3,700 practices – around 60 per cent of Britain’s surgeries – were hit by disruption to appointment booking systems and prescription services.
Ambulance services reported a “huge” surge in demand as people also struggled to access the NHS app, while some hospitals suffered administrative issues. The Royal Surrey NHS Foundation Trust declared a critical incident and cancelled radiotherapy appointments.
The National Pharmacy Association, which represents many of the UK’s 9,000 independent community pharmacies, told The Independent that the outage was “affecting nearly all of our members in some way”.
Govia Thameslink Railway – the UK’s busiest train operator, which runs the Southern, Thameslink, Gatwick Express and Great Northern services around London – also said it was experiencing “widespread IT issues”.
Tracking website Down Detector registered outages and problems at a huge array of other companies, including Visa, Mastercard, Amazon, Ryanair, Ladbrokes and BT.
The worldwide meltdown is “unprecedented in the range and scale of systems it has impacted”, warned cybersecurity expert Dr Harjinder Lallie, an associate professor at the University of Warwick.
“I’ve never seen anything like this before,” said Dr Lallie. “We had the NHS WannaCry [ransomware attack], that was serious. But this is planes, TV stations… it’s such a massive impact.”
Dr Lallie warned: “This IT catastrophe highlights the need for greater resilience, a greater focus on backup systems, and possibly even a need to rethink whether we are using the most resilient operating systems for such critical systems.”
With many retailers across the globe reporting issues with digital payments, Andrew Goodacre, chief of the British Independent Retailers Association, told The Independent that major IT problems seem “to be happening all too often”.
“Independent retailers don’t have the kind of resources that you might find in a large chain, but they still need the same level of protection. This can make them more vulnerable when such IT failures occur,” he said.
While it remained unclear how many retailers were affected overall, a British Retail Consortium spokesperson said most had resumed trading as normal.
CrowdStrike, which provides cyberattack monitoring and protection for numerous large businesses, said the problem was caused by a “defect found in a single content update for Windows hosts”, adding that it did not constitute a security incident or a cyberattack.
The company’s stock value fell 12 per cent in early trading on Friday after Elon Musk dubbed the incident the “biggest IT fail ever”.
Chief executive George Kurtz said: “We’re deeply sorry for the impact that we’ve caused to customers, to travellers, to anyone affected by this. We’ve been on with our customers all night and working with them – many of our customers are rebooting the system, and it’s coming up and operational because we fixed it on our end.
“Some of the systems that aren’t recovering, we’re working with them, so it could be some time for some systems that [won’t] automatically recover, but it is our mission to make sure that every customer is fully recovered. We’re not going to relent until we get every customer back to where they were, and we’ll continue to protect them and keep the bad guys out of their systems.”
He added: “Software is a very complex world, and there’s a lot of interactions, and always staying ahead of the adversary is a tall task.”
Adam Leon Smith of BCS, the Chartered Institute for IT, warned that it could take “weeks” for all computers and systems to be fully restored.
“The fix will have to be applied to many computers around the world. So if computers are getting blue screens and endless loops, it could be more difficult and take days and weeks,” he said.
Professor Ciaran Martin, the founding chief executive of the National Cyber Security Centre, said the incident was an “incredibly powerful illustration of our global digital vulnerabilities and the fragility of core internet infrastructure”.
Prof Martin, who now works at the University of Oxford, said it was hard to estimate how long it would take to recover from the outage.
“The underlying problem is fixed and the fixes are being implemented. Some industries can recover quickly. But others, like aviation, will have long backlogs. That said, I’d be surprised if we were still facing serious problems this time next week.”
He added that the cyber industry needs to get better at “finding and fixing these single points of failure across all core digital infrastructure”.