Global Tech Outage Highlights Cybersecurity Vulnerability

Services from airlines to healthcare, shipping, and finance were coming back online on Friday after a global digital outage disrupted computer systems for hours, exposing the vulnerability of the world's interconnected technologies.

After the outage was resolved, companies faced backlogs of delayed and canceled flights, medical appointments, missed orders, and other issues that could take days to rectify. Businesses are also challenged to find ways to prevent future blackouts caused by technology intended to secure their systems. A recent software update by global cybersecurity firm CrowdStrike, one of the largest operators in the industry, triggered system issues that grounded flights, knocked broadcasters off the air, and left customers without essential services such as healthcare or banking.

Since the COVID-19 pandemic erupted in 2020, governments and businesses have grown increasingly reliant on a few interconnected technology firms. This dependency explains why a single software issue had widespread ramifications. The outage spotlighted CrowdStrike, an $83 billion company with over 20,000 global subscribers, including Amazon and Microsoft. CrowdStrike CEO George Kurtz stated that a defect was identified in a single content update for Windows hosts affecting Microsoft customers.

"We deeply regret the impact caused to our customers, travelers, and anyone affected, including our company," Kurtz told NBC News. "Many customers are rebooting their systems, and operations are resuming." CrowdStrike dominates the highly competitive cybersecurity market, prompting some analysts to question whether the control over critical operational software should rest with a few companies.

The outage also accentuated concerns that many organizations are ill-prepared to implement contingency plans when an IT system or software component fails. Experts say such outages are inevitable until better back-ups and more contingencies are built into networks. CrowdStrike's shares fell 11%, while some competitors like SentinelOne and Palo Alto Networks saw gains. Microsoft shares dipped by 0.7%.

Despite the massive but unquantifiable scope of the outage, involving only systems running CrowdStrike software, Microsoft's Ann Johnson stated that hundreds of engineers are working with CrowdStrike to restore services. U.S. President Joe Biden was briefed on the situation. The U.S. Cybersecurity and Infrastructure Security Agency observed hackers exploiting the outage for malicious activities while U.S. Customs and Border Protection reported processing delays affecting international trade and travel. The Dutch and UAE foreign ministries also reported disruptions.

"This event serves as a reminder of how complex and interconnected our global computing systems are and how vulnerable they remain," said Gil Luria, senior software analyst at D.A. Davidson. "CrowdStrike and Microsoft will need significant effort to prevent future failures of this magnitude."

Wall Street's primary indexes fell on Friday, exacerbated by a sell-off in tech stocks and mixed earnings reports, with the Cboe Volatility index—the market's "fear gauge"—reaching its highest level since early May, and the dollar rising as the cyber outage unsettled investors.

Air travel was heavily impacted, as the disruption rippled into lengthy delays. Of more than 110,000 scheduled commercial flights on Friday, 5,000 were canceled globally, with more expected, according to Cirium. Delta Air Lines was among the hardest hit, canceling 20% of its flights, with more delays anticipated through the weekend.

Airports worldwide resorted to handwritten boarding passes, causing further delays. Banks, financial services, and insurers warned of disruptions, and U.S. healthcare providers reported outages affecting call centers and patient portals. Multiple companies began reporting service normalization by day's end, including Spanish airport operator Aena and U.S. carriers United Airlines and American Airlines. U.S. Transportation Secretary Pete Buttigieg stated that transportation systems were near full recovery.

(With inputs from agencies.)