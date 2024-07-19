Home page World

An IT malfunction is causing major problems around the world. But who was affected by the chaos? And how did it even get to this point? Questions and answers.

Munich – One small mistake and many parts of the world drift into chaos. This happened on Friday, when an IT malfunction caused problems at airports, supermarkets and even in companies and hospitals around the world. Travelers in particular suffered from the situation, and pictures of huge queues at airports around the world were spread online. The BER airport in Berlin was badly affected, for example, where all take-offs and landings were banned for a while due to the IT malfunctions, and planes ready to land had to circle in the air due to the IT failures.

Even though some problems were gradually resolved, the effects will continue to be felt beyond Friday. And the disruption could also be expensive. Experts are already expecting billions in damage. But how did this huge problem come about in the first place? And who was actually affected? Questions and answers about the global IT chaos.

IT outages are causing major disruptions around the world – what caused the disruptions?

The problems were caused by a faulty update for Windows computers from IT security service provider Crowdstrike, which was rolled out to its customers overnight. Several hours after the outages began, Crowdstrike CEO George Kurtz announced that the error had been discovered and fixed. However, in order for everything to work again, customers’ systems had to be updated first.

Those affected by the global problems: Who was affected by the IT disruption?

The problems were most visible in air traffic. Berlin Airport had to suspend operations due to the global IT disruption at the beginning of the holiday season. The airline Eurowings cancelled all domestic flights as well as those to and from Great Britain with departure times up to 3 p.m. In the USA, the FAA temporarily stopped flights by airlines such as United, American and Delta. In northern Germany, several clinics cancelled planned operations due to the IT failures.

In Great Britain, a system for booking doctor’s appointments in the NHS was paralyzed. But the British television station Sky News and the London Stock Exchange also struggled with problems. The food retailer Tegut was also hit. Because the cash register systems were not working, 340 branches in Germany were temporarily closed.

Chaos at airports: A global IT disruption is causing problems for people.

IT disruption paralyzes airports – cyber attack including data leak or simple technical problem?

However, it was not a cyber attack. Crowdstrike boss Kurtz expressly stressed that the cause was neither a cyber attack nor a security incident. In the past, there had been cases in which a vulnerability in computers with older Windows systems was exploited by so-called Trojans that spread around the world. One such attack using the WannaCry malware paralyzed several hundred thousand computers in May 2017, for example, and disrupted the displays at train stations in Germany, among other things. There was also apparently no data leak, only computers belonging to airlines and other companies no longer worked.

It triggered the IT chaos: What is the company Crowdstrike?

The American company Crowdstrike plays a central role in protecting against IT threats and secures websites, among other things. The service in question, called Falcon Sensor, is designed to prevent attacks by monitoring activities in computers as a kind of early warning system. “It is somewhat ironic that a system that is supposed to protect computers and keep them running is disrupting them,” commented IT security expert Mikko Hypponen from the company WithSecure.

Crowdstrike as a trigger for IT problems: How could the disruption occur?

Normally, such updates are thoroughly tested before they are widely deployed. Crowdstrike will now have to explain why an obviously serious error in the software was overlooked. In the past, there have been cases in which websites of various providers were inaccessible due to problems with a software service provider. But Friday’s outage was more serious.

In recent years, concentration in the software business has increased, partly through takeovers. Large corporations with many customers can operate much more efficiently – and increase the price pressure on smaller rivals. If they also develop innovative technologies such as Crowdstrike, a few players suddenly become omnipresent. This is certainly risky and there have been repeated warning voices. For example, Oxford researcher Brian Klaas warned in his book “Fluke” that these systems, which are optimized down to the last detail and connected worldwide, represent a potentially catastrophic risk. And the hack of the software service provider SolarWinds was already an alarm signal: in 2019, attackers used the maintenance specialist’s programs to gain access to the systems of its numerous customers, including US authorities.

BSI assesses: What are the consequences of the global IT outage?

Claudia Plattner, President of the Federal Office for Information Security (BSI), pointed out the consequences of the outage: “Critical infrastructures are also affected, namely those that use precisely this software.” The BSI currently has at least 17 reports from operators of critical infrastructures. Plattner pointed out that the repairs can be very complex. “In the worst case, each affected computer has to be worked on individually.” In the aftermath of the crisis, we will have to talk about what quality assurance looks like at Crowdstrike and Microsoft. “But for the moment, of course, we are fully focused on overcoming the crisis.” (dpa/hs)