A global technology outage caused by a faulty software update grounded flights, knocked banks and media outlets offline, and disrupted hospitals, small businesses and other services on Friday, highlighting the fragility of a digitized world dependent on just a handful of providers.
The trouble with the update issued by cybersecurity firm CrowdStrike and affecting computers running Microsoft Windows was not a hacking incident or cyberattack, according to CrowdStrike, which apologized and said a fix was on the way.
But hours later, the disruptions continued – and escalated.
Long lines formed at airports in the U.S., Europe and Asia as airlines lost access to check-in and booking services at a time when many travelers are heading away on summer vacations. Hospitals and doctors’ offices had problems with their appointment systems, and cancelled non-urgent surgeries. Several TV stations in the U.S. were also prevented from airing local news early Friday.
During an earnings call Friday morning executives at one of Massachusetts’ largest banks, Rockland Trust Co., said desktop computers in its branches were primarily affected.
“It’s not significant and feels like it’s getting closer to normal as we speak,” CEO Jeffrey Tengel said in response to a stock analyst’s question. ” Our wire system, banking system are working just fine and our call center volumes were normal…It hasn’t been a big challenge for us.”
Given the scale of the problems worldwide, however, it’s likely many more Massachusetts banks were also dealing with problems at various points in their organizations.
At Mass General Brigham, the largest health care system in Massachusetts, all scheduled non-urgent surgeries, procedures, and medical visits were cancelled Friday because of the outage, according to a spokesperson. Emergency departments remain open and care for patients in the hospital has not been impacted.
“This is a very, very uncomfortable illustration of the fragility of the world’s core internet infrastructure,” said Ciaran Martin, a professor at Oxford University’s Blavatnik School of Government and former Head of Britain’s National Cyber Security Centre.
Cyber expert James Bore said real harm would be caused by the outage because systems people have come to rely on at critical times are not going to be available. Hospitals, for example, will struggle to sort out appointments and those who need care may not get it – and it will lead to deaths, he said.
“All of these systems are running the same software,” Bore said. “We’ve made all of these tools so widespread that when things inevitably go wrong – and they will, as we’ve seen – they go wrong at a huge scale.”
Microsoft spokesperson Frank X. Shaw confirmed in an emailed statement that “a CrowdStrike update was responsible for bringing down a number of Windows systems globally.” Earlier, the company had posted on the social media platform X that it was working to “alleviate impact” and that they were “observing a positive trend in service availability.”
During an interview on NBC’s “Today Show” Friday, CrowdStrike CEO George Kurtz apologized for the outage, saying the company was “deeply sorry for the impact that we’ve caused to customers, to travelers, to anyone affected by this, including our companies.”
“We know what the issue is” and are working to remediate it, Kurtz said.
“It was only the Microsoft operating system” that was affected, though it didn’t happen on every Microsoft Windows system, he said.
The Austin, Texas-based company’s shares were down nearly 10 percent in early trading Friday.
A recording playing on its customer service line said, “CrowdStrike is aware of the reports of crashes on Microsoft ports related to the Falcon sensor,” referring to one of its products used to block online attacks.
The Commercial Record staff writer James Sanna contributed to this report.