Key infrastructure including airlines, trains, banks and media were shut down as computer systems were taken offline.
Businesses and institutions around the world have been knocked offline by a major IT outage that was apparently caused by a faulty update for a widely used cybersecurity software.
NHS England said the power outage was “causing disruption to the majority of GP practices” in England, but there was no immediate impact on 999 or emergency services.
Health officials said patients should attend appointments unless instructed otherwise and should only contact their GP in case of an emergency.
Key infrastructure including airlines, railways, banks and media were shut down, with computer systems going offline and devices displaying the so-called “blue screen of death” (BSOD).
In Britain, Sky News was taken off the air and the country’s largest rail company warned passengers to expect disruptions due to a “widespread IT issue”, with many major airlines and airports following suit.
General practices across England have reported being unable to make appointments or access patient records after the EMIS web system went down.
The National Pharmacists’ Association (NPA) also said: “Community pharmacy services, such as the ability to fill prescriptions from GPs and deliver medicines, are currently suspended.”
Across the world, banks, supermarkets and other major institutions reported service disruptions due to computer problems, with many businesses unable to accept digital payments.
While Microsoft confirmed that it was aware of the issue for its cloud platform Azure and that it was fixing it, many cybersecurity experts report that the potential source of the problem lies with CrowdStrike, a global cybersecurity firm that provides cyberattack monitoring and protection to many major companies.
Experts say an incomplete update to CrowdStrike’s Falcon Sensor software may be causing the problem.
CrowdStrike has not released a statement on the issue, but a call to the company’s technical support phone line returned a recorded message saying the company was “aware of reports of Windows crashes related to Falcon sensors.”
CrowdStrike has advised affected customers to log on to their customer service portal for support.
Microsoft confirmed last night that it was investigating issues with its services and apps, with “service degradation” warnings posted on its service health website, warning that many of the company’s most popular services, used by millions of businesses and people around the world, may be unavailable to users.
Cybersecurity expert Troy Hunt also reported issues with CrowdStrike, and Australian telecommunications company Telstra posted on X (formerly Twitter) that the global outage was “due to a global issue affecting both Microsoft and CrowdStrike.”
Among the affected companies is Ryanair, which posted on its website: “A global third-party system outage may cause disruptions across our network (Friday 19th July).”
“Affected passengers will be notified and those travelling across the network on Friday 19 July should check the Ryanair app for the latest updates on their flights.”
“Passengers are advised to arrive at the airport three hours before their flight to avoid any disruptions.
“We apologise for any inconvenience caused to passengers due to this third-party IT issue, which is outside Ryanair’s control and affects all airlines operating across our network.”
Edinburgh Airport has announced that an IT outage is causing longer waiting times.
“Due to an IT outage, waiting times at the airport are longer than usual,” a spokesman said.
“This outage is affecting many other businesses, including the airport.
“Work continues to resolve this issue and our teams are standing by to help in any way they can. We thank passengers for their patience.”
Meanwhile Govia Thameslink Rail (GTR), the parent company of Southern, Thameslink, Gatwick Express and Great Northern, warned passengers to expect delays due to the issue.
According to service monitoring website Downdetector, users reported issues with Visa, BT, major supermarket chains, banks, online gaming platforms and media.
General practitioners across England took to social media to report being unable to access the EMIS web system.
No NHS hospitals are currently thought to be affected by the power outage.
EMIS Web is the most widely used primary care clinical system in the UK.
It will enable GP practices to make appointments and check records and will also include clinical decision support tools and administrative support.
Solihull Healthcare Partnership in the West Midlands said there was a “nationwide problem” with EMIS Web.
X wrote: “Unfortunately we are experiencing a national issue with our clinical computer system, EMIS Web.
“This will impact patient appointments and consultations this morning.”
Windrush Medical Clinic in Witney, Oxfordshire, said it was continuing to provide emergency care but urged patients with “routine issues” to wait until Monday.
Other GP practices affected by the power outage said the issue “will have a major impact”.
Central Lakes Medical Group in Ambleside wrote to X: “We are affected by an IT outage.
“This will have a significant impact on us so we apologise in advance for any inconvenience and call delays.”
Cybersecurity experts said the widespread access that CrowdStrike’s Falcon sensors give to business systems means any problems with the platform could have widespread impact.
“CrowdStrike Falcon has been linked to this widespread outage. CrowdStrike is a global cybersecurity and threat intelligence company,” Associate Professor Toby Murray from the University of Melbourne’s School of Computing and Information Systems said.
“Falcon is known as an Endpoint Detection and Response (EDR) platform, which means it monitors the computer it is installed on to detect and respond to intrusions (hacks). This means that Falcon is a very privileged piece of software in that it can affect the behavior of the computer it is installed on.
“For example, if a computer is infected with malware and the malware detects that the computer is communicating with an attacker, Falcon could block that communication. If Falcon malfunctions, it could cause a widespread outage for two reasons: first, because Falcon is widely deployed on many computers, and second, because of its privileged nature.
“Falcon is a bit like antivirus software: it is regularly updated with information about the latest online threats so it can better detect them. There have certainly been cases in the past where antivirus updates have caused problems, like this one.”
“Today’s outage was likely caused by a buggy update to Falcon.”
release date: Radio News Hub
