Flights were delayed or cancelled. Banks were unable to issue money. Some retailers had to shut outlets, some put up signs saying they could only accept cash as the biggest IT outage ever affected people around the world.
Operations across broadcasters, banks, airports, and transportation suffered massive disruption.Hundreds of flights were cancelled and airports from Australia to US and UK, and India witnessed chaotic scenes.
Reports suggest that operations were yet to normalise at several places as the world struggled to come to terms with the enormity of the disruption. The outage was not caused by a cyberattack, as was initially feared. It began with a routine software update from US cybersecurity company CrowdStrike. The firm’s solutions are widely used by organisations using Microsoft’s Windows operating system. CrowdStrike‘s software, Falcon Sensor, is designed to protect computer systems from cyberattacks. However, a defect in its latest update for computers running Windows OS triggered the issue.
Windows outage impacts airline bookings, check-ins
Those logging into their systems saw what’s called the Blue Screen of Death (BSOD) – an error message that’s displayed when the operating system encounters a critical issue that it cannot recover from.
Within hours, Microsoft and CrowdStrike identified the issue and deployed a fix. But systems already impacted needed to be set right with manual workarounds. Given the scale of computers impacted and limited IT staff in organisations, this was still work in progress in most large businesses on Friday.
Paris Olympic Committee said the outage was slowing its operations but tickets sales were not affected. In UK, general physicians and pharmacies were hit hard and faced shutdowns.
CrowdStrike CEO George Kurtz on X said, “We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption. We are working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on. He also apologised for the massive disruption saying, “We are deeply sorry.”
Sundareshwar K, partner and leader for cyber security at consultancy firm PwC India, said, “This is a Black Swan event impacting not just businesses but the overall national machinery, and underscores how safeguarding entities against risk involves much more than technology. This development highlights how it is a misnomer that enhanced technology deployment alone will help organisations become more secure and ensure business continuity.”
Back home, the enormity of the outage was felt across industries with airlines issuing handwritten boarding passes.
IndiGo flyer Akshay Kothari took to X to share a photograph of his handwritten boarding pass for a Hyderabad-Kolkata flight. “I got my first handwritten boarding pass today,” he said. Indian carriers, including Indigo, Akasa Air, Air India Express, and SpiceJet, encountered glitches that impacted services including ticket booking and web check-in.
Tata Starbucks, sources said, faced issues with some of its PoS (point of sale) systems, but there was no major impact on the business. Some sellers on Amazon, Meesho and Flipkart faced glitches with their inventory management systems supported by Microsoft, an executive with one of the firms said on condition of anonymity. Amazon and Flipkart did not respond to queries, while a Meesho spokesperson said there had been no impact.
PhonePe’s stock broking platform Share.market faced issues during the day. The company later said the services had been restored and apologised for the inconvenience.
“This is a very uncomfortable illustration of the fragility of the world’s core internet infrastructure,” Ciaran Martin, former head of Britain’s National Cyber Security Centre and now a professor at Oxford University, told the New York Times.