'Largest IT outage in history': Systems online – but full restoration could take days

July 19, 2024
6:45 pm

ASB said in a late-night update that its credit, debit and Eftpos cards were now working. Around 1am the bank posted: “FastNet Classic and the ASB Mobile app are now back up and running with some limited functionality.”

Friday evening saw long queues at retailers, with Woolworths shutting some of its stores and halting online orders.

Civil Defence said in a late Friday night update that it was implementing the CrowdStrike patch. 111 calling and other systems were operational.

Air New Zealand reported last night that all of its flights were running to schedule, but that some customers were having payment issues due to the outage. The Civil Aviation Authority reported no delays to flights in New Zealand, but warned of possible problems today with the flow on effect from countries – including the US – where flights were grounded for much of Friday.

Jetstar was impacted, with the airline cancelling all flights until 2am Saturday morning. Auckland Transport reported HOP card payments were down. Multiple councils reported problems with their IT systems.

Who is CrowdStrike?

The global outages, which saw many hospitals revert to manual systems, broadcasters including Sky News UK forced off-air, travel chaos and long queues at many service stages or supermarkets on Friday from around 5pm NZT, was caused not by a cyberattack but software designed to stop it.

The Austin, Texas-based CrowdStrike makes cybersecurity software including Falcon – which monitors an organisation’s IT systems for hacking attempts, viruses and other threats.

It was a bug in a Falcon update late on Thursday NZT that caused global mayhem.

CrowdStrike, founded in 2012, says that its customers include 298 of the firms in the Fortune 500, 8 out of 10 of the world’s largest financial services firms and six of the 10 largest healthcare providers.

Manual fix could take days

CrowdStrike issued a fix early Friday evening NZT, but it took hours for many organisations to implement. And cybersecurity experts warn that because individual Windows PCs must be updated manually, it could be days before some systems are fully recovered.

“The fix CrowdStrike has given is quite manual and may be difficult, in some cases, to deploy at large scale,” said Simo Kohonen, founder of Finland-based network security company Defused.

EXCLUSIVE: CrowdStrike founder and CEO @George_Kurtz speaks on TODAY about the major computer outages worldwide that started earlier today: “We’re deeply sorry for the impact that we’ve caused to customers, to travelers, to anyone affected by this.” pic.twitter.com/fWz6KhgrcZ

— TODAY (@TODAYshow) July 19, 2024

Cloudstrike CEO George Kurtz took flak on social media for his post announcing a fix – in which he failed to apologise for his firm causing worldwide mayhem.

But shortly before midnight NZT, Kurtz appeared on NBC’s Today show, where he said: “We’re deeply sorry for the impact that we’ve caused to customers, to travellers, to anyone affected by this.”

CrowdStrike shares were down 11% in early Nasdaq trading, wiping some US$10.8 billion ($18.9b) from the tech giant’s market cap.

Microsoft’s shares were relatively unaffected, down 0.5% in line with a broader market dip.

Cybersecurity expert and founder of the ASafaWeb security analysis firm Troy Hunt said it was “the largest IT outage in history”. Hunt posted to X, in reference to the sweeping nature of the outage: “This is basically what we were all worried about with Y2K, except it’s actually happened this time.”

This is basically what we were all worried about with Y2K, except it’s actually happened this time ☠️

— Troy Hunt (@troyhunt) July 19, 2024

Tech expert Paul Spain told the Herald that billions of dollars in lost productivity could be lost as a result of the CrowdStrike IT outages.

CyberCX executive director for strategy and risk Dan Richardson said you would struggle to find a business unaffected by the current outage and everyone needed to take notice. “It’ll be hard to find a part of the economy that wouldn’t be affected by this.”

“[CrowdStrike Falcon] is a very widely used product. I think we’re seeing it in media organisations, airlines, [banks], those sorts of things because they tend to operate on a 24/7 basis,” Richardson told BusinessDesk.

“For organisations that don’t operate on a 24/7 basis, they might not see the impact of this until over the weekend or potentially through into next week.”

Chris Keall is an Auckland-based member of the Herald’s business team. He joined the Herald in 2018 and is the technology editor and a senior business writer.