Holly Yan
CYBER
July 19, 2024
SOURCE:
CNN

Global computer outage wreaks havoc on businesses, 911 systems and government agencies

The global computer outage affecting airports, banks and other businesses on Friday appears to stem at least partly from a software update issued by major cybersecurity firm CrowdStrike.

Passengers queued at Gatwick Airport amid a global IT outage on Friday in Crawley, United Kingdom. JACK TAYLOR/GETTY

Thousands of US flights were grounded Friday as a technical disaster plagued government agencies and businesses worldwide – leading to countless stranded passengers, canceled medical procedures and disrupted 911 services.

A cybersecurity company said the debacle is “not a security incident or cyberattack.” But the technical fiasco has paralyzed airlines, banks, state agencies and even emergency services around the world.

As of Friday afternoon, more than 2,400 flights into, out of or within the United States had been canceled, according to FlightAware.com.

Charlotte Douglas International Airport in North Carolina told passengers to not come to the airport unless they had confirmed their flights. Bewildered travelers at the world’s busiest airport in Atlanta were stranded as they tried to get to urgent events.

“Tomorrow, I have a funeral in the afternoon,” said Ty Kelley, who was stuck at Hartsfield-Jackson Atlanta International Airport – which had the most cancellations Friday morning.

“And then on Sunday, I have my sister’s 50th birthday party,” Kelley said. But it’s not clear when or if she’ll make it to those events: “It’s really chaotic. It’s frustrating. And I’ve never experienced anything like this.”

The Federal Aviation Administration “is closely monitoring a technical issue impacting IT systems at U.S. airlines,” the agency posted on social media. “Several airlines have requested FAA assistance with ground stops until the issue is resolved.”

CrowdStrike, a cybersecurity firm that has Microsoft among its clients, “is actively working with customers impacted by a defect found in a single content update for Windows hosts,” CEO George Kurtz posted on X. “This is not a security incident or cyberattack.”

Kurtz later told NBC, “We’re resolving and have resolved the issue.”

“As systems come back online, as they’re rebooted, they’re coming up and they’re working,” Kurtz said on the “Today” show. However, Kurtz said, it could be “some time” for certain systems that won’t just automatically recover.

Microsoft released a statement midday explaining the situation.

“Yesterday, CrowdStrike released an update that began impacting IT systems globally,” Microsoft CEO Satya Nadella posted on X. “We are aware of this issue and are working closely with CrowdStrike and across the industry to provide customers technical guidance and support to safely bring their systems back online.”

What US airlines are saying

Delta Air Lines “paused its global flight schedule this morning due to a vendor technology issue that is impacting several airlines and businesses around the world,” it said in a statement Friday morning. Delta later said it was resuming some flights. The airline apologized to impacted customers and said a travel waiver would be issued.

JetBlue operations “remain normal and we are not experiencing any system-wide delays or cancelations,” the airline said in an email to CNN. However, “Customers should monitor their flight status and build in extra time in the event that this outage has impacted specific airports due to outages at other airlines, airport operators, or government agencies.”

American Airlines said it has resolved the issue affecting its operations. “Earlier this morning, a technical issue with a vendor impacted multiple carriers, including American. As of 5 a.m. ET, we have been able to safely re-establish our operation,” American said in a statement. “We apologize to our customers for the inconvenience.”

Spirit Airlines said in a travel advisory its reservation system was impacted by the outage. The airline asked passengers to check back for updates and apologized “for any inconvenience this may cause.”

– Southwest Airlines told CNN the outage hasn’t impacted its operations.

Frontier Airlines and some competitors were brought to a standstill for hours after a significant Microsoft outage Thursday. The ground stop for those airlines has been lifted, and Frontier offered refunds to inconvenienced passengers.

United Airlines said it was resuming “some flights” early Friday morning. United cautioned travelers they might experience delays and issued waivers for eligible customers to change their travel plans.

Allegiant Air and Sun Country Airlines said they were having difficulties involving booking, check-in and trip-managing functions online. The FAA announced Friday morning that all Allegiant flights would be grounded.

– Numerous international airlines reported technical disruptions, including Virgin Australia and Qantas, along with airports across Europe and Asia-Pacific.

Federal services and health care are stymied

The calamity also struck hospitals and federal agencies, forcing each to scramble for solutions.

“Many of our Microsoft-based computer systems have been affected by the worldwide technology outage,” Cincinnati Children’s hospital posted on X. “Our teams are working hard to minimize disruption to patient care and system operations, and we are bringing systems back up as quickly as possible.”

At Harris Health System in Houston, “elective hospital procedures are being canceled today and will be rescheduled when the information systems issues are resolved.”

At Mass General Brigham in Boston, “all previously scheduled non-urgent surgeries, procedures, and medical visits are cancelled today,” the health care system told CNN in a statement.

“Mass General Brigham remains open to provide care to patients with urgent health concerns in our clinics and emergency departments, and we continue to care for all patients currently receiving care in our hospitals.”

The US Department of Justice was searching for workarounds Friday, according to an internal memo viewed by CNN. The memo said the CrowdStrike issue “is significant and there is currently no estimated restoration time.”

And due to the Microsoft and CrowdStrike debacle, “local Social Security offices are closed to the public today,” the Social Security Administration’s website said.

Some 911 services went down as Portland issues an emergency declaration

The technical disaster has affected some 911 operations in the United States; mass transit in New York and Washington, DC; banking in Australia, South Africa and the United Kingdom; Hong Kong’s Disneyland; and the Israeli health service.

In Oregon, Portland Mayor Ted Wheeler issued an emergency declaration.

“City services that rely on Microsoft Operating Systems using Crowdstrike Endpoint Protection, including certain essential City service providers, are impacted by the problem including emergency communications,” the mayor’s office said, though 911 operations were not impacted.

But in Alaska, many 911 and non-emergency call centers weren’t working properly, Alaska State Troopers said. Hours later, the agency said 911 services had been restored.

In New Hampshire, some 911 services were down across the state overnight but have since been restored, New Hampshire 911 said in a post.

Phoenix police said the technical problems impacted the department’s computerized 911 dispatch center. “Our 911 center remains operational. If you need to call 911, stay on the line if you are put on a brief hold,” Phoenix police posted on X Friday morning. Later in the morning, the department said its “systems have been restored.”

In New York City, 911 services are operational, the mayor’s press secretary told CNN.

“FDNY IT and Communication teams implemented our redundancy procedures upon notification of the CrowdStrike outage,” New York fire department spokesperson Jim Long told CNN Friday.

CNN has reached out to the Federal Communications Commission for more information on nationwide 911 outages.

“We’re aware of reports of a systems outage causing disruptions in service, including 911,” the FCC posted late Friday morning on X. “We’re working closely with other federal agencies to provide assistance and determine the extent of these service disruptions.”

State agencies are hit hard, too

In some states, driver services grinded to a halt due to the technical problems.

North Carolina’s driver’s license and plate services are “unable to assist customers this morning due to the current global Microsoft and CrowdStrike outage,” the North Carolina Department of Transportation said. The agency said services will resume “once the global outage has been repaired.”

Georgia’s Department of Driver Services said operations were unavailable “Due to the Microsoft/CrowdStrike Global outage.”

And in Tennessee, driver services centers might not be able to process transactions, state officials said Friday morning.

“The Department of Safety and Homeland Security will provide updates as information becomes available,” the agency said. “We apologize for the inconvenience the outage has caused.”

Some airports are ‘absolutely insane’

The situation at Philadelphia International Airport is “absolutely insane” as thousands of people cram together, waiting for answers, traveler William Sikora III said.

“It’s getting really hot in here,” Sikora told CNN on Friday morning. He was trying to make the cross-country journey from Philadelphia to Los Angeles, but feared repeated delays would eventually turn into cancellations.

His sentiments were echoed by would-be passengers in Atlanta, where airport officials told CNN they expected 300,000 passengers to pass through the world’s busiest airport.

“Nobody was really giving us answers. They just said our system’s down, our system’s down,” New Jersey resident Jennifer Small told CNN.

She slept at the airport overnight and has had her flight canceled twice. “I want to get home to my son,” Small said. But she doesn’t think she’ll be able to go home until Saturday.

Spirit Airlines customer Miya Haney was stuck in Atlanta with her toddler daughter, trying to get to Boston for a birthday party.

“I’m just beyond frustrated,” Haney said. Spirit Airlines was using a manual check-in process, with “a person going up and down shouting ‘Boston here, flight number here,’” Haney said.

“I have no idea when we are going to get called.”

CNN’s Holly Yan, Paradise Afshar, Justin Lear, Jessie Yeung, Kaila Nichols, Rebekah Riess, Amanda Musa, Kristina Sgueglia, Andrea Cambron, Whitney Wild, Hannah Rabinowitz, Isabel Rosales, Jaide Timm-Garcia, Shawn Nottingham, Keith Allen, Nadia Kounang, Jamie Gumbrecht, Joe Sutton, Samantha Waldenberg, Robert North and Dianne Gallagher contributed to this report.

Atrisk Corporation (ATSK), the respective legal and trading names of Atrisk, headquartered at 300 Delaware Ave, may be identified by its International Standard Name Identifier (ISNI) of 0000 0005 1367 5143, its Legal Entity Identifier (LEI) of 2549002K5Q8WUKP21B56, its Managing LOU of 5493001KJTIIGC8Y1R12 (Bloomberg Finance), its S&P Global Company ID of 8058644, its Copyright Clearance Center IDO200 Ringgold ID of 671947, its OpenCorporates ID of us_de/7481692, its Global Legal Entity Identifier Foundation (GLEIF) XML Verification of 2549002K5Q8WUKP21B56, its Standard Industrial Classification (SIC) Code of 7382, its North American Industry Classification System (NAICS) Code of 56162, its Business Registry of RA000602 (DE-US), its Business Registry Identifier of 7481692, its Legal Form of Corporation (XTIQ), its Legal Industry of Security Systems Services, its Entity Status of Active, its Compliance Status of Good Standing, among other entity and attribute identifiers, either publicly listed on the 2024-2025 Compliance & Investor Factsheet or available via legal@atrisk.us

+1 855-ATRISK-1
© 2024 Atrisk Corporation. All rights reserved.
We're Hiring: https://career.atrisk.us

Hello. Are you an employee? https://alarm.atrisk.us
Atrisk Corporation (ATSK), the respective legal and trading names of Atrisk, headquartered at 300 Delaware Ave, may be identified by its International Standard Name Identifier (ISNI) of 0000 0005 1367 5143, its Legal Entity Identifier (LEI) of 2549002K5Q8WUKP21B56, its Managing LOU of 5493001KJTIIGC8Y1R12 (Bloomberg Finance), its S&P Global Company ID of 8058644, its Copyright Clearance Center IDO200 Ringgold ID of 671947, its OpenCorporates ID of us_de/7481692, its Global Legal Entity Identifier Foundation (GLEIF) XML Verification of 2549002K5Q8WUKP21B56, its Standard Industrial Classification (SIC) Code of 7382, its North American Industry Classification System (NAICS) Code of 56162, its Business Registry of RA000602 (DE-US), its Business Registry Identifier of 7481692, its Legal Form of Corporation (XTIQ), its Legal Industry of Security Systems Services, its Entity Status of Active, its Compliance Status of Good Standing, among other entity and attribute identifiers, either publicly listed on the 2024-2025 Compliance & Investor Factsheet or available via legal@atrisk.us

+1 855-ATRISK-1
© 2024 Atrisk Corporation. All rights reserved.
We're Hiring: https://career.atrisk.us

Hello. Are you an employee? https://alarm.atrisk.us