Banks and card payment systems are among the victims of the global technology outage on Microsoft platforms.
The problem is attributed to a software update from cybersecurity company CrowdStrike. The company’s CEO, George Kurtz, says a “defect has been found in a single content update for Windows hosts.”
Kurtz added: “This is not a security incident or cyberattack. The issue was identified, isolated and a solution was provided.”
Earlier today, Microsoft said: “We have been made aware of an issue affecting virtual machines running Windows Client and Windows Server and running the CrowdStrike Falcon agent. This issue may result in a error check (BSOD[Blue Screen of Death]) come and it gets stuck in a reboot state. We believe the impact began around 19:00 UTC on July 18th.”[bluescreenofdeath)andgetstuckinarestartingstateWeapproximateimpactstartedaround19:00UTConthe18thofJuly”[bluescreenofdeath)andgetstuckinarestartingstateWeapproximateimpactstartedaround19:00UTConthe18thofJuly”
The outage has hit banks including Lloyds in the United Kingdom and Capitec in South Africa, which reported problems. Waterstones, Waitrose and Wetherspoons are among retailers experiencing problems accepting card payments.
The London Stock Exchange’s RNS (Regulatory Intelligence Service) was taken out of action while trading was halted. JP Morgan and UBS are reportedly struggling to complete their deals.
Meanwhile, Melanie Pizzey, CEO of the Global Payroll Association, warns of potential problems: “We have already been contacted today by numerous customers who have been unable to access their payroll software due to the Microsoft outage, and by others who have been asked to to register.” with immediate effect.
“Depending on the duration of this outage, it could have very serious consequences for businesses across the country, particularly those that process payroll on a weekly basis.”
Windows online services have also caused chaos in airports, train stations and broadcasters, among other places. Ryanair, American Airlines, KLM, Qantas and Air New Zealand are among the numerous airlines delayed by the system failure, causing massive delays at airports. Services and companies such as Allianz, NHS, BBC, Waitrose and Sky News are also affected.
Microsoft and CrowdStrike’s stock prices fell as a result of the failure.
This outage is another in a long list of recent system failures that have impacted daily life and caused massive frustration among consumers. Just yesterday the Bank of England had a major payment problem that brought down the RTGS system. Last week, Worldline caused a payment outage in the UK, crippling payment systems at retailers across the country for Visa and Mastercard users.
Jake Moore, global security consultant at ESET, comments: “These outages are increasing due to the sheer increase in the number of online users and data traffic.
“The inconvenience caused by the loss of access to services for thousands of people reminds us how dependent we are on large technology companies like Microsoft to run our daily lives and businesses.”
Al Lakhani, CEO of IDEE, explains: “CrowdStrike’s platform approach, based on a single agent focused on detection, may seem good at first glance, but as we see, it can lead to significant problems. For example, agents need to be installed and deployed.” Maintaining software on multiple different operating systems introduces increased complexity and potential sources of error. Additionally, agents can become a single point of failure as a faulty update can compromise the entire network, as was the case with the SolarWinds attack.
“The lesson here is clear: investing in cybersecurity is not just about purchasing the newest or most popular tools, but also about ensuring that those tools are reliable and resilient. That’s why organizations must prioritize agentless solutions like MFA 2.0 that reduce the risk of widespread outages and ensure more resilient defenses.”
David Varney, partner at UK law firm Burges Salmon, said: “The effectiveness of mitigation measures for unforeseen IT outages depends largely on the preparedness and resilience built into an organisation’s business continuity strategies. The current Crowdstrike outages are a stark reminder of the importance of proactive planning and regular testing to ensure business resilience in the face of unforeseen challenges.”