Banks, airlines, and media organisations in Asia-Pacific were among those affected by the global IT outage linked to Microsoft and cybersecurity firm CrowdStrike.
In Singapore, check-ins were being processed manually at Changi Airport, while Singapore Airlines and its budget airline Scoot experienced similar technical delays.
In the Philippines, at least five major banks— BPI, RCBC, BDO, Metrobank, and UnionBank, as well as low-cost airline Cebu Pacific said they have been experiencing difficulties with some of their services as a result of the global outage.
In India, airline companies Air India, Akasa, IndiGo, SpiceJet, and Vistara were all affected as well, leading to delays in bookings, check-ins, and access to boarding passes.
Meanwhile, Australian flag carrier Qantas, Commonwealth Bank, Sydney Airport, and broadcasters ABC and Sky News were among the impacted organisations down under.
In other parts of the world, US airlines American Airlines, Delta, and United Airlines were affected.
Faulty update?
According to multiple reports, an update to CrowdStrike’s Falcon sensor temporarily disabled Windows machines worldwide, manifested through the infamous “Blue Screen of Death.”
In a recorded phone message on its tech support hotline, CrowdStrike said it was aware of Windows OS crashes related to its Falcon sensor.
Meanwhile, as of 5:45 PM Singapore time, CrowdStrike president & CEO George Kurtz issued the following statement on his X account:
“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers.”
According to one cybersecurity expert, the incident was unprecedented, and its ramifications are still developing.
“The outage affecting computer systems worldwide is severe. It is affecting critical systems, such as those in hospitals, airports, financial institutions and more. For instance, patients aren’t able to get medications in the hospital setting. While the issue is associated with Windows systems, it does not appear to be an issue with Microsoft Windows, but rather, security software installed on millions of Windows computers worldwide. Because this is a security software, it requires a higher level of privileges to the underlying operating system, so a bad or faulty security update can result in a catastrophic impact,” noted Satnam Narang, Senior Staff Research Engineer, Tenable.
Meanwhile, enterprises would benefit from having a cyber-resilience plan, which would minimise impact of any unforeseen circumstance, remarked Jake Moore, Global Security Advisor, ESET.
“Businesses must test their infrastructure and have multiple fail safes in place, however large the company is, but, as is often the case, it is simply impossible to simulate the size and magnitude of the issue in a safe environment without testing the actual network,” he said.
(This is a developing story)