Experts warn of coming threats
Recovery from IT failures around the world begins to slow, and experts warn of future risks. A mistake by cybersecurity company CrowdStrike left airports, businesses and medical facilities in many countries affected by the “largest outage in history.”
Services began to resume on Friday evening after an IT failure that caused chaos around the world. But full recovery could take weeks, experts say, after airports, healthcare facilities and businesses were hit by the “largest disruption in history.”
As The Guardian recalls, flights and hospital appointments were cancelled, payroll systems froze and TV stations went off air after a botched software update hit Microsoft's Windows operating system.
The update came from US cybersecurity company CrowdStrike, and as a result, employees experienced a “blue screen of death” and their computers would not start. Experts said each affected computer may have to be patched manually, but as of Friday evening some services had begun to recover, The Guardian reported.
As the recovery continues, experts say the outage underscored concerns that many organizations are not adequately prepared to implement contingency plans when a single point of failure, such as an IT system or a piece of software within it, fails. But these failures will continue to happen, experts say, until networks have more contingency capabilities built into them and organizations implement more efficient backups.
In the UK, Whitehall crisis officials coordinated the response through the COBRA emergency committee. Ministers have contacted their sectors to deal with the impact of the IT disruption, with Transport Secretary Louise Haigh saying she was working “in step with industry” after trains and planes were affected.
A Microsoft spokesman said on Friday: “We are aware of an issue affecting Windows devices due to a third-party software platform update. We expect that the resolution will be adopted soon.”
Texas-based CrowdStrike confirmed the outage was due to a software update to one of its products and not a cyberattack.
Its founder and chief executive George Kurtz said he “deeply regrets the impact we had on customers,” adding that there was a “negative interaction” between the update and Microsoft's operating system.
CrowdStrike's share price fell sharply throughout the day, falling as much as 13% at some points in trading.
Elon Musk, owner of Tesla, said the outage caused a “stagnation in the auto supply chain,” while banks in Kenya and Ukraine reported problems with their digital services and supermarkets in Australia faced payment problems.
Govia Thameslink Railway (GTR), the parent company of Southern, Thameslink, Gatwick Express and Great Northern, has warned passengers of possible delays.
According to service monitoring site Downdetector, users in the UK reported problems with services from Visa, BT, major supermarket chains, banks, online gaming platforms and media outlets.
Sky News and CBBC were also temporarily taken off air in the UK before returning to service, while Australia's ABC was also affected.
In financial services, Metro Bank reported problems with its UK phone lines, while Santander said card payments “may be impacted”. Monzo said some customers had reported problems, while some JP Morgan bankers were unable to log into their systems and the London Stock Exchange said there were issues with its news service.
Troy Hunt, a leading cybersecurity consultant, said the scale of the IT outage was unprecedented.
“I don’t think it’s too early to say: this will be the biggest IT outage in history,” he tweeted.
“Essentially, this is what we were all worried about with Y2K, except this time it actually happened,” he added, referring to the Millennium Bug that worried IT experts in the lead-up to Y2K but ultimately did not cause serious damage.
British IT Institute BCS said restoring systems could take days or weeks, although some fixes would be easier to implement.
“In some cases, a fix can be applied very quickly,” said Adam Leon Smith, a research fellow at BCS. “But if computers reacted in such a way that they experienced blue screens and endless loops, recovery may be difficult and could take days or weeks.”
Alan Woodward, a professor of cybersecurity at the University of Surrey, said the fix required manually rebooting the affected computers, and “most regular users wouldn’t know how to follow the instructions.” He said organizations with thousands of computers spread across multiple locations face a more difficult task.
“These are just numbers. It could certainly take weeks for some organizations,” he said.
From Amsterdam to Zurich, Singapore to Hong Kong, airport operators reported technical problems that hampered their operations. While some airports suspended all flights, in others, airline staff were forced to check in passengers manually.
Among the companies affected on Friday was Ryanair, Europe's largest airline, which said on its website: “Possible network disruption due to a global outage of a third-party system… We advise passengers to arrive at the airport three hours before departure to avoid any disruption.”
Heathrow, Europe's largest airport, said it was “working hard” to get passengers “on their way.”
A Heathrow spokesman said: “We continue to work with our colleagues at the airport to minimize the impact of the global IT disruption on passenger travel. Flights are continuing to operate and passengers are advised to check with their airlines for the latest flight information.”
In the US, flights were grounded due to communications problems believed to be related to a power outage. Among the affected carriers were American Airlines, Delta and United Airlines.
Berlin airport temporarily suspended all flights on Friday. Aviation analytics company Cirium said 5,078 flights (4.6% of scheduled flights) were cancelled worldwide on Friday, including 167 departures from the UK and 171 arrivals.
GPs in the UK said they were unable to access patient records or book appointments. Surgeons said on social media they were unable to access the EMIS web system.
It is understood the outage did not affect 999 services, but the Royal Surrey NHS Trust in the south of England declared a critical incident and canceled radiotherapy appointments scheduled for Friday morning. The National Pharmaceutical Association confirmed that this could impact UK services.
Keir Starmer's spokesman said they were not aware the issue was having any impact on public services, but added that they recognized the impact it was having in a broader sense. Reports from the Netherlands also suggest there may be problems in the health care system.
Israel's Health Ministry said a “global disruption” affected 16 hospitals, and in Germany, Schleswig-Holstein University Hospital in the north of the country said it had canceled all planned surgeries in Kiel and Lubeck.
Ted Wheeler, mayor of Portland, Oregon, issued an emergency declaration saying the outage affected some critical city services, including emergency communications.
Alan Woodward of the University of Surrey said the outage was caused by an IT product called CrowdStrike Falcon, which monitors the security of large networks of PCs and loads each machine with a piece of monitoring software.
“The product is used by large organizations with a significant number of computers to ensure universal monitoring. Unfortunately, if they lose all the computers they won't be able to work with, or their level of service will be significantly reduced,” Woodward said.
Steven Murdoch, professor of security engineering at University College London, said many organizations may find it difficult to resolve the issue quickly.
“The issue occurs before the computer is connected to the internet, so there is no way to resolve the issue remotely, so it takes someone to go out and solve the problem,” Murdoch said, adding that companies and organizations that have cut costs on IT staff or outsourced their IT work will have their ability to solve problems hampered.
However, Ciaran Martin, former chief executive of the National Cyber Security Centre, said that, unlike adversarial cyber attacks, this problem has already been identified and a solution has been found.
“Recovery is not about coping with the situation, but to go back. I think it's unlikely to be newsworthy in terms of continued disruptions this time next week,” he said.
The challenges for US businesses have also been exacerbated by problems with Microsoft's Azure cloud computing business, which occurred on Thursday.