1. What exactly has happened?
The chief executive of CrowdStrike, George Kurtz, confirmed the problem was caused by a “defect in a single content update for Windows hosts” – in short, a flaw in a software update pushed out to customers using Windows PCs.
CrowdStrike is one of the world’s largest cybersecurity providers, providing antivirus and cyber-attack prevention tools to businesses.
The flaw in its update caused many Windows PCs to crash, some displaying the “blue screen of death” and becoming unusable.
IT infrastructure at businesses and institutions around the world collapsed, taking many companies and their services offline.
This has particularly affected the transport, financial and healthcare sectors, with airlines and airports, train services, health providers and even the London Stock Exchange affected.
The UK’s Ministry of Defence said it was tracking the situation and was unaffected. It said it was not aware of any involvement of “hostile actors”.
The UK’s science, innovation and technology secretary, Peter Kyle, said government departments were “working seamlessly together to understand the nature of today’s outages and respond appropriately and swiftly”.
Separately, other UK government officials indicated they were not treating this as a cyber-attack from hostile states or criminals.
2. What has the Windows outage affected?
Problems have been reported around the world, including in India, the US, Europe, the UK, Australia and New Zealand.
Companies including banks, telecommunications firms, TV and radio broadcasters, and supermarkets reported problems. Airlines were affected, too, with flights on US airlines including American Airlines, Delta and United Airlines being grounded. Airports were also experiencing difficulties.
Automated boarding scanners at Edinburgh airport went offline, a witness from the Reuters news agency said. The airport was checking boarding passes manually, they said.
Schiphol airport in Amsterdam said: “There is currently a global system failure. This disruption also has an impact on flights to and from Schiphol. The impact is now being mapped.”
Brandenburg airport in Berlin said “due to a technical fault, there will be delays in check-in”.
The emergency 911 lines in Alaska went down, according to the state troopers service. “Due to a nationwide technology related outage, many 911 and non-emergency call centres are not working correctly across the state of Alaska,” it said.
In the UK, rail services at Southern, Thameslink, Gatwick Express and Great Northern – all Govia Thameslink railway services – were experiencing widespread IT problems.
The news service at the London Stock Exchange was down, while the Commonwealth Bank confirmed some PayID payment transactions were affected, and it is understood ANZ customers were having trouble with some transfers.
The NHS booking system used by doctors in England was also offline, medical officials said.
3. How long will the problems last?
This remains unclear. Given the number of devices and businesses affected, it could take several days for every computer to be fixed and returned to normal use, particularly at smaller firms with fewer resources.
Cybersecurity experts said it was good news that the problem had affected only Windows users – CrowdStrike confirmed Apple Mac and Linux users were unaffected – and that a fix had been deployed, meaning larger IT departments could quickly begin restoring services.
Disruptions are likely to remain throughout Friday and into the weekend.