Mass IT outage shows how exposed services are, says expert

The incident has affected trains, planes, the NHS and media organisations.

Aine Fox
Friday 19 July 2024 07:29 EDT
The mass IT outage highlights the need for greater resilience, an expert said (Niall Carson/PA)
The mass IT outage highlights the need for greater resilience, an expert said (Niall Carson/PA) (PA Archive)

Your support helps us to tell the story

This election is still a dead heat, according to most polls. In a fight with such wafer-thin margins, we need reporters on the ground talking to the people Trump and Harris are courting. Your support allows us to keep sending journalists to the story.

The Independent is trusted by 27 million Americans from across the entire political spectrum every month. Unlike many other quality news outlets, we choose not to lock you out of our reporting and analysis with paywalls. But quality journalism must still be paid for.

Help us keep bring these critical stories to light. Your support makes all the difference.

A widespread IT outage affecting sectors from the NHS to transport and banking to media has been described as an unprecedented sign of how exposed services are with a potential overreliance on certain operating systems.

The major disruption could prompt a rethink on whether the most resilient operating systems are being used and whether it is “lazy” to stick with what we know, according to cybersecurity expert Dr Harjinder Lallie.

The associate professor at the University of Warwick described the situation as an IT “catastrophe”.

We didn’t know how exposed we were until this happened. Now it’s happened we’re tracing it back and realising ‘crikey, how much reliance we have on these two systems’

Dr Harjinder Lallie

He said: “The worldwide IT outage experienced this morning is unprecedented in the range and scale of systems it has impacted.”

He added: “This IT ‘catastrophe’ highlights the need for greater resilience, a greater focus on back-up systems, and possibly even a need to rethink whether we are using the most resilient operating systems for such critical systems.”

Global cybersecurity firm CrowdStrike, which provides cyber attack monitoring and protection to many major businesses, has said the problem was caused by a “defect found in a single content update for Windows hosts”, adding that it was not a security incident or cyber attack.

Dr Lallie told the PA news agency: “We have here a particular combination of tools – an operating system and a tool at the other end and once you put those combinations together you suddenly find that it’s impacting a lot of systems. There is an over-reliance on a) Microsoft b) in this case CrowdStrike at the other end.

“Somewhere between the two there’s been a problem which has caused what is an absolutely unprecedented global outage.

“I’ve never seen anything like this before. We had the NHS, WannaCry (ransomware attack), that was serious. But this is planes, TV stations, it’s such a massive impact.”

He said the issue has demonstrated how exposed companies and services can be.

He said: “We didn’t know how exposed we were until this happened. Now it’s happened we’re tracing it back and realising ‘crikey, how much reliance we have on these two systems’.”

He suggested there could be more diversity in use of different operating systems.

He said: “Windows is brilliant, Microsoft is brilliant but there are other operating systems that we could be using in certain mission-critical systems and companies need to think very carefully about, in this particular scenario, is Microsoft the best option or should we actually take the plunge and go with another operating system?

“I don’t know if those conversations are being had or if we are, excuse the term, being lazy and just sticking with Microsoft because we know Microsoft really well.”

Asked why this might be, he said the “massive” cost of training staff on new systems could be a consideration.

Technology expert Dafydd Vaughan, chief technology officer at consultancy Public Digital, also highlighted the issues around supply chains and said the Government should seek to do more to boost competition.

“EMIS – a major provider of services to GP surgeries, handling health records, appointment bookings and more – is used in more than 60% of GP surgeries in England and Wales, and today those surgeries will not be able to operate in their normal way,” he said.

“The Government needs to consider the risk that comes with so few companies controlling so much of our essential infrastructure.

“In all industries, Government should see the value of more competition in their supply chains, and work to increase the number of companies that provide these essential services and avoid monopolies controlling our national infrastructure.”

Professor Ciaran Martin, who was the founding chief executive of the National Cyber Security Centre (NCSC), said early indications appeared to suggest an update by global cybersecurity firm CrowdStrike “seems to have been misconfigured in such a way that it wrecks (Microsoft) Windows”.

He told BBC Radio Four’s Today programme: “So if a company is using both CrowdStrike and Windows for its operating system, it seems that they get what people in the trade call the ‘blue screen of death’, and Windows doesn’t work.

“And that’s why airlines aren’t able to process, presumably why Sky hasn’t been able to broadcast. It’s also why just simply for timezone reasons it seems to be emerging first in Australia.”

He said companies usually spend “a lot of time, money and effort” making sure complex IT systems are compatible and can interact without something like this happening.

He said: “Most of the time that works. Occasionally, it doesn’t”, adding that it is “very rare to be as serious as this”.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in