More flight cancellations and delays expected in wake of global IT outage

Flight delays and cancellations are among the disruption expected to continue into the weekend after a global IT outage, as experts warned it could take weeks for systems to fully recover.

A flawed update rolled out by cybersecurity firm CrowdStrike knocked many offline around the world on Friday, causing flight and train cancellations and crippling some healthcare systems.

A fix was deployed for a bug in the update, which affected Microsoft Windows PCs, on Friday afternoon, with the chief executive of the company at the centre of the outage warning it would take “some time” for systems to be fully restored.

George Kurtz also apologised for events, saying he is “deeply sorry”, and made clear it was “not a security or cyber incident”.

In a technical statement, CrimeStrike said a “sensor configuration” had “triggered a logic error” which the company said had been corrected.

Airports across the UK – including London Gatwick, Heathrow Airport, Manchester Airport and Belfast International Airport – stressed that passengers should check with airlines for any delays or cancellations before travelling over the weekend.

A spokesperson for London Gatwick said: “Following earlier global issues, our airport IT systems are now operating as normal and we expect the majority of our flights to operate as usual tomorrow.

“Some delays and cancellations will however continue this evening and over the weekend. We strongly advise passengers to check with their airline for the latest updates.”

A spokesperson for Manchester Airport said: “Check-in and boarding for the affected airlines are being carried out manually and are taking longer than normal resulting in some long queues at check-in.

“Some flights may be impacted by delays and schedules have been affected by issues caused by the effects of the global IT outage at airports all over the world. This means some flights could be cancelled by airlines at short notice.”

Some 167 flights scheduled to depart UK airports were axed on Friday, with others delayed, while 171 flights due to land in the UK were cancelled, following the technical glitch.

Aviation analytics company Cirium said 5,078 flights – or 4.6% of those scheduled – were cancelled globally on Friday, including the 167 UK departures.

Away from travel, the National Pharmacy Association warned disruption to pharmacy services is likely to continue through the weekend, even when systems are back online, as outlets deal with a backlog of medicine deliveries.

Industry expert Adam Leon Smith of BCS, the Chartered Institute for IT, warned that it could even take “weeks” for all computers and systems to be fully restored.

“The fix will have to be applied to many computers around the world. So if computers are getting blue screens and endless loops, it could be more difficult and take days and weeks,” he said.

Professor Ciaran Martin, the founding chief executive of the National Cyber Security Centre (NCSC), also said it was hard to estimate how long it would take to recover from the outage.

“The underlying problem is fixed and the fixes are being implemented,” he said.

“Some industries can recovery quickly. But others like aviation will have long backlogs. That said, I’d be surprised if we were still facing serious problems this time next week.”

Experts warned users to “remain vigilant” against potential scams as systems recover.

In a letter to customers and partners, Mr Kurtz said: “We know that adversaries and bad actors will try to exploit events like this.

“I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike representatives.”

The NCSC highlighted an increase in phishing referencing the outage.

On its website, the company urged organisations to ensure mitigations are in place and advised individuals to be alert to suspicious emails or messages.

“Note that an increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation,” the NCSC said.

CrowdStrike’s stock tumbled in value when the US markets opened on Friday as investors digested the impact of the outage.

Shares slid by over 8% at the start of trading, knocking around 10 billion US dollars (£7.8 billion) off its market value. The largest financial markets in the US and UK fell during the trading session as other companies were also affected.

The flawed update caused major infrastructure to grind to a halt with computer systems knocked offline, and many devices were showing the so-called “blue screen of death” as they got stuck in an endless cycle of trying to reboot themselves, affecting key sectors across the country.

The outage caused disruption in “the majority of GP practices”, NHS England said, and ambulance services also reported increased pressure on 999 and NHS 111 services with calls from patients who were unable to contact other NHS providers because of the IT issues.

Across England, GP surgeries reported being unable to book appointments or access patient records as their EMIS Web system went down.

In the UK, Sky News briefly went off air on Friday morning and Britain’s biggest train company Govia Thameslink Railway warned passengers to expect disruption because of “widespread IT issues”.

Around the world, banks, supermarkets and other major institutions reported computer issues disrupting services, while many businesses were unable to take digital payments or access key databases.

Microsoft deputy chief information security officer Ann Johnson described the outage as “a very major issue” and could not predict how long it would take to get all customers back online.