A mass IT outage is causing chaos globally, with planes grounded and businesses disrupted. A number of airports have been affected, amongst them Luton and London City, as Windows PCs display the dreaded 'blue screen of death' across the globe.

Sky News was amongst the broadcasters taken offline earlier this morning as a result of a CrowdStrike cyber software update issue that started yesterday evening. The NHS, some train operators, banks, payroll systems, utilities and telecoms companies have also been taken offline. Supermarkets were also impacted, with some branches only accepting cash payments in a post-pandemic volte-face, and others opting to close.

CrowdStrike CEO, George Kurtz, issued the following statement on X at 10:45 this morning: "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyber attack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organisations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilised to ensure the security and stability of CrowdStrike customers."

The ongoing outage underlines the pressing need for cyber-physical risk management in an increasingly connected world, particularly for critical national infrastructure, and other business-critical operational technologies.

Sarah Pearce, partner and UK head of cyber and data privacy at global law firm Hunton Andrews Kurth, commented: "This incident highlights the importance of digital operational resilience and the potential impact such an event can have on critical infrastructure. It reiterates the need for organisations to ensure that they are cyber-ready and have robust data security controls in place. Being prepared will mitigate financial and reputational impact.”

Cyber insurance

Some commentators anticipate an uptick in cyber claims, and potentially even changes in some policy wordings, as a result of the incident.

Will Davies, an insurance specialist at PA Consulting, commented: “We can expect to see a considerable increase in cyber insurance claims and coverage adaptation. The disruption will prompt companies to reconsider their supply chain and third-party dependency for service provision. With the uptick in AI, multiple insurers are still in transition to cloud solutions, without formalised disaster recovery plans in place and a sizeable reliance on single cloud provision.”

The biggest impact, he says, will likely be on SMEs. “There’s also the potential for more cyber fraud, as criminals jump on the back of these outages so a time for increased vigilance too,” he added.

Matt Wood, the Lloyd’s Market Association’s head of technology, added: “While we are still working hard to understand the impact of this outage on our members and the insurance industry more widely, we believe that from an operational resilience viewpoint a one-day outage will be comfortably within impact tolerances for most important business services. Clearly this situation could change if remediation of the outage pushes well into next week firms will have to start considering appropriate workarounds. More broadly, the speed and scale of this outage reminds everyone that a technology failure on this scale can have major ramifications for global supply chains and highlights again the risk of interdependence of third party systems.“

Commenting on the impact on supply chains, Mike Maddison, CEO of global cyber security organisation, NCC Group said: “Incidents of this nature do occur in a connected world that is reliant on technology. Disruption at one stage in a digital supply chain can have a ripple effect all the way throughout it. We’ve seen this today, with the incident having a tangible impact across the globe, from aviation to banking and healthcare. It highlights the critical need for organisations to take cyber resilience seriously, and ensure they have an incident management plan in place should situations like this occur. Impacted organisations should, if they have not already, take immediate action and follow the remediation advice issued by CrowdStrike on their support portal."

The UK's National Cyber Security Centre says cyber-physical risk requires "concerted and significant collaborative effort from multiple and diverse disciplines" over the next decade.

The UK Government is planning a COBRA meeting to coordinate response to what, over the course of one day, has become one of the most major IT outages of recent times.


This story has been updated.

---