Boss of company behind global IT outage 'sincerely apologises' for worldwide chaos sparked by software bug

19 July 2024, 22:35

The boss of a company whose error caused a global IT outage that has sparked chaos worldwide has apologised for the software bug.

George Kurtz, the CEO of cybersecurity firm Crowdstrike, whose defective update caused Windows systems across the globe to crash, said he wanted to "sincerely apologize" for the disruption to travel, healthcare and businesses.

He added: "Nothing is more important to me than the trust and confidence that our customers and partners have put into CrowdStrike.

"As we resolve this incident, you have my commitment to provide full transparency on how this occurred and steps we’re taking to prevent anything like this from happening again."

Mr Kurtz did not give a time frame for when the issue would be resolved, saying only that it would take "some time" in an earlier interview.

Tesla and X owner Elon Musk went as far as to brand today’s outage the

The specific cause of the failure, which Elon Musk called the “biggest IT failure ever", relates to an update implemented on Windows devices.

And while Crowdstrike has told users it has fixed the main cause of the mass outage, experts have warned delays, cancellations and other bugs could take "thousands of hours".

Andrew Peck, a cybersecurity expert at Loughborough University, said that some of the critical infrastructure affected by the outage might be in remote areas and will need to be accessed.

Hundreds of thousands of machines would need to be visited and fixed in person by IT workers, he told CNN.

This could take "thousands of hours and millions, potentially billions of dollars," he warned.

Earlier, researcher Kevin Beaumont explained how the systems would need to be started in ‘Safe Mode’, to remove the faulty update.

Read more: Global IT outage LIVE: CrowdStrike outage could be ‘biggest cyber incident in history’ as GP surgeries and banks hit

He added: "This is incredibly time-consuming and will take organisations days to do at scale. Essentially we have one of the world’s highest impact IT incidents caused by a cyber-security vendor."

Mr Kurtz earlier told NBC it was the firm's "mission" to make sure every one of its customers recovers from the outage.

"We're deeply sorry for the impact that we've caused to customers, to travellers, to anyone affected by this, including our companies," he said.

“Many of the customers are rebooting the system, and it’s coming up, and it’ll be operational because we fixed it on our end,” he said.

“We’re just trying to sort out where the negative interaction was,” he added of the buggy update that affected Windows PCs.

While CrowdStrike says it has issued a fix, this will be applied to each device separately, and some have claimed it to be ineffective.

Microsoft has even advised users to restart their devices as many as 15 times in a bid to repair the issue.

Air travel was especially hard hit by the outages, with over 5,000 flights cancelled worldwide as of Friday evening UK time, according to analytics firm Cirium.

"This equates to 3.9 per cent of all scheduled flights globally [with] 143 flights cancelled departing UK airports so far (4.6 per cent of all scheduled departures), with a further 142 inbound arrivals cancelled," they added.

Gatwick, the UK's second-biggest airport, said on Friday evening that it expects most of its flights to operate as normal on Saturday.

Heathrow said earlier on Friday evening that the majority of flights are taking off and arriving as planned. Stansted and Manchester Airports said that check-in systems were still affected, which was causing longer queues than usual.

But a spokesperson warned: "Some delays and cancellations will however continue this evening and over the weekend. We strongly advise passengers to check with their airline for the latest updates."

It it is likely the effects of today’s outage will continue at least into next week for holidaymakers.

Airline Ryanair has even taken the step of sending travellers home from airports as flights continue to remain grounded.

Ryanair told passengers: "If your flight has been cancelled, we kindly request that you leave the airport as the IT outage means we cannot currently assist passengers at the airport."

Edinburgh Airport added: "Anyone whose flight is cancelled is asked to please leave the airport and contact their airline directly."

The chaos caused by today’s outage has underscored the need for stronger protections in the future, experts have said.

Friday was the busiest day of the year so far for UK air travel with 3,214 departing flights as thousands of families embark on summer holidays at the end of the academic year for many schools.

Several US carriers grounded flights, including United, American Airlines and Delta.

Meanwhile train service information website National Rail Enquiries warned passengers of "widespread IT issues across the entire network", although most train services ran as scheduled.

South Western Railway said all its ticket vending machines had stopped working due to IT issues.

Thousands of GP practices have been affected, with NHS England confirming there has been an issue with the EMIS Web system, which is understood to be used by about 60% of practices in England.

Health Secretary Wes Streeting wrote: "This is having a particular impact on GP appointments and electronic prescribing.

"Please bear with your local GPs if they're grappling with this on top of normal pressures."

A string of ambulance services reported seeing increased demand on their 999 and NHS 111 services, including London Ambulance Service (LAS), South Central Ambulance Service (SCAS), South East Coast Ambulance Service (SECAmb) and North East Ambulance Service (NEAS).

LAS received a third more calls by 2pm on Friday than it would usually receive in a 24-hour period, according to its chief executive.

Daniel Elkeles said: "Following the global IT outage that has impacted some NHS services across the capital, our call handlers and ambulance crews are incredibly busy with huge increases in the number of calls to both our 999 and 111 services.

"In fact, by 2pm today, we had received more than 3,000 999 calls and 3,000 calls to our 111 services - this is a third higher than we would usually receive in a full 24 hour period."

Matt Hull, Global Head of Threat Intelligence at global cyber security organisation, NCC Group told LBC: “Organisations across all sectors and of all sizes must focus on enhancing their cyber resilience.

“This involves a multifaceted approach that prioritises the development and implementation of comprehensive incident management plans.

“Regular security assessments are essential to identify and address vulnerabilities before they can be exploited. Continuous monitoring and testing of systems help ensure that defences are up-to-date and effective.

“Investing in advanced security technologies is also vital. Tools such as intrusion detection systems, firewalls, and encryption can provide additional layers of protection.”