CrowdStrike IT outage: Scam warning after phishing increases as ‘malicious cyber actors’ take advantage

NZ Herald
Opportunistic “malicious cyber actors” are trying to take advantage of the global IT outage to rip off unsuspecting users online, the National Cyber Security Centre (NCSC) says.

The Government’s cyber intelligence agency today warned Kiwis to be vigilant as individuals’ and organisations’ IT systems are slowly returned to normal after cybersecurity company CrowdStrike’s botched software update caused widespread disruption, including to banking services, flights, public transport and supermarket and other retailer purchases.

ASB customers told the Herald this afternoon they’re still experiencing issues with the bank’s app.

“The NCSC has no information to indicate these [outage] issues are related to malicious cyber security activity”, a spokesperson for the centre said today.

“However, there has been an observed increase in phishing referencing this outage as opportunistic malicious cyber actors seek to take advantage of the situation. We encourage organisations and individuals to be alert to this activity.”

More information on how to stay safe online is at the centre’s ownyouronline.govt.nz website.

Australia’s cyber intelligence agency also warned today that “malicious websites and unofficial code” were being released online claiming to help people and organisations recover from the global digital outage, Reuters reported.

“A number of malicious websites and unofficial code are being released claiming to help entities recover from the widespread outages caused by the CrowdStrike technical incident”, Australian Signals Directorate said.

“[We] strongly encourage all consumers to source their technical information and updates from official CrowdStrike sources only.”

Cyber Security Minister Clare O’Neil also warned on social media platform X that Australians should “be on the lookout for possible scams and phishing attempts”.

The true extent of the global IT outage will continue to be felt for days, with serious consequences similar to those of the ransomware attacks the system is designed to thwart, a tech expert says.

There was a grim irony in the fact CrowdStrike’s technology was designed to prevent malicious attacks on companies’ systems, tech commentator Paul Stenhouse told Newstalk ZB’s Jack Tame today.

Global businesses had “effectively got ransomware attacks” from the company they were paying to protect them from such attacks.

However, the outage was not intentional or malicious.

Instead, it was caused by a “content update” by cyber security firm CrowdStrike that affected software run by Windows computers.

Mac and Linux networks did not seem to be affected, Stenhouse said.

“This is a mess, these are companies that actually were trying to do the right thing,” he said.

“They actually invested in technology to try to prevent ransomware attacks and effectively got ransomware attacks from the very company providing the software to prevent it.

“And while CrowdStrike’s website said it only has around 20,000 customers, these customers are clearly large, large corporations.”

Stenhouse believed one reason the outage became so big was that it was caused by a content update rather than a software update.

He said customers of software companies were typically pre-warned about upcoming software updates. That meant they could test the new update and choose when to roll it out across their systems.

However, the “content update” appeared to have been “an automatic update that was sent globally to all of CrowdStrike’s customers”.

Some supermarket self-service kiosks still affected

Supermarkets are open and operating today although some Woolworths self-service desks are still down and displaying the dreaded blue screen of death.

In an update issued this morning, Retail NZ said today’s early indications were that retail and payment systems were back up and running.

“Supermarkets are opening and are not currently experiencing difficulties with payments and point of sale systems, however as this global issue is now in ‘fix mode’ there is the possibility of further outages,” Retail NZ chief executive Carolyn Young said.

“We urge consumers to be patient and if possible to have the ability to pay via cash and/or Eftpos, which was a more stable platform last night due to the agreements amongst banks to be able to transact offline.

“This is still a live issue that will continue to develop over the weekend and it emphasises how much we rely on technology and the cloud to enable us to go about our daily activities. While we are a long way from the United States, we are not immune to being impacted by global events such as what we saw on Friday evening.”

Young said online shoppers may continue to experience delays in purchases being dispatched as retailers would need to wait for confirmation of payment once this issue was resolved.

Will tonight’s $20m Lotto draw have any problems?

If you’re dreaming of striking it rich tonight fear not, a Lotto spokesperson told the Herald that tonight’s $20 million draw would go ahead.

“We’re fine,” she said.

“Our gaming system and our retail system is not affected.”

Hospitals busy but unaffected

Health NZ/Te Whatu Ora says all hospitals are running as usual, and there are no current issues with IT systems that could impact on patient care.

“Our digital staff dealt with limited systems problems in Wellington and Waikato last night, and they were resolved quickly.

“This did not cause delays for people seeking treatment, but it is winter and as expected and planned for, our emergency departments and hospitals continue to be busy.

“Anyone who needs urgent care will receive it and should go to ED or call 111 for an ambulance.”

Air travel returning to normal as school holidays end

Two early-morning international Jetstar flights out of Auckland have been cancelled while travellers have reported being stranded at Wellington airport overnight after airlines and payment systems were among those hit by the global IT outage.

Auckland Airport has asked travellers and families trying to make it home over the last weekend of school holidays to allow extra time as the outage is affecting some airlines and payment systems.

Jetstar’s 6.15am Auckland to Sydney and 7am Auckland to Brisbane flights have both been cancelled, while a later 1.05pm Jetstar flight to Brisbane is still scheduled.

Flights run by Air NZ, Qantas and Singapore Airlines have all successfully departed this morning.

Auckland Airport said on its Facebook page it was operating as normal.

‘NZ has got off luckier than some other countries’

New Zealand appeared to have avoided the worst of the global CrowdStrike IT glitch, Acting Prime Minister David Seymour said today.

“The software fix is in, it’s been installed, government departments have not lost any critical services at any time,” Seymour told RNZ.

“I’ve been in touch with the New Zealand Banking Association – they say it’s likely that they’re going to be at business as usual with banking today, although they haven’t confirmed that with me absolutely.

“So it looks like, by and large, New Zealand has got off luckier than some other countries around the world. We will continue to face delays in flights that have originated at foreign airports, but that is something that will work itself through as it does, occasionally, when there are weather events and so on.”

Companies Office records reveal CrowdStrike has far less revenue in New Zealand than in Australia, indicating it has fewer customers on this side of the Tasman.

‘Largest IT outage in history’

The global IT outage has been described by one cyber security expert as “the largest in history”.

Banking services were downed, flights and public transport systems were disrupted, and electronic purchases in supermarkets and shops weren’t going through.

Online operating systems across New Zealand, Australia and around the world were brought to a halt yesterday.

In New Zealand, outages included nationwide bank payment systems in addition to global network problems with television and Microsoft services.

Parliamentary computer systems were affected, according to Rafael Gonzalez-Montero, head of the parliamentary service.

Herald readers have spoken of queues at supermarkets due to checkouts going down and commuters being unable to tag on or tag off with Auckland Transport Hop cards.

Issues with debit and credit cards including ASB, ANZ and Kiwibank were reported.

“No one will be able to pay for their Friday night beersies,” one person told the Herald.

The problem was believed to have been caused by an update by cyber security firm CrowdStrike.

CrowdStrike CEO George Kurtz said the IT issue had been identified and a fix had been deployed.

“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted.

“This is not a security incident or cyber attack. The issue has been identified, isolated and a fix has been deployed.”

Young told RNZ many stores would be “opening first thing in the morning and looking for this to be resolved”.

“Largely it’s out of our hands,” she said.

The outage also impacted St John ambulance.

National ambulance controller Doug Gallagher said Hato Hone St John was alerted to the global Windows issue yesterday evening and immediately activated a business continuity plan.

Even KFC was affected, the fast food giant posting that its online ordering was down due to global payment provider issues.

Customers queue at Woolworths Hobsonsville amid a mass IT outage.

Cash and some cards were being accepted in-store, it said.

“Was bloody chaos down at the supermarket,” a Herald reader wrote on social media.

“The self-checkouts all started running into errors and resetting themselves too. By the time I got to the front of the line, there were only two or three that remained working.”

“I went into Chemist Warehouse today and Woolies and both had at least one computer system with a BSOD [blue screen of death] problem, with the Chemist Warehouse one stuck in a reboot and BSOD loop,” another said.

“Yeah, we experienced the outage at around 5.15pm at my work, all systems went down, not just payment systems. Customers were very angry. Reminder be kind to cx service reps!” one person posted to Reddit.

But some Kiwis saw the funny side, with one posting: “I have cash and chardonnay just in case Western civilisation falls over this evening.”

Seymour said a “whole of government response” was launched last night into the global outage.

The outage was not malicious, he said. While it was inconvenient to many Kiwis, essential services were still working, and systems and services were already coming back online as organisations applied the patch provided by CrowdStrike.

“The Government has worked quickly to understand the impacts of this issue and minimise them wherever possible.

“We appreciate the inconvenience this is causing for the public, retailers and businesses. The Government is closely monitoring developments and will continue to provide updates.”

Flights were disrupted last night, with Jetstar cancelling all flights until at least 2am Saturday. Overseas, major airlines were grounded in the US and Europe, stranding thousands of travellers.

Cyber security expert Paul Spain said billions of dollars of productivity and commerce would have been lost across the world due to this outage.

“People won’t necessarily be able to catch their Ubers, and then there is a flow on. What happens when you can’t pay for something you’re used to paying for because of technology.”

What disruptions have been reported?

- Berlin Airport temporarily halted all flights, a spokesperson told Reuters. Lufthansa’s Eurowings said it was halting domestic German flights as well as flights to and from Britain until 3pm local time.

- Spanish airport operator Aena reported a computer systems incident, while Lisbon airport, Portugal’s biggest, also experienced disruptions. Amsterdam’s Schiphol Airport and Brussels Airport were also reportedly affected.

- Top Dutch airline KLM said it could not handle flights on Friday and had suspended most of its operations. Air France, KLM’s parent company, also said its operations were disrupted.

- Turkish Airlines was experiencing problems with ticketing, check-ins and booking, it said in a post on X. Budapest Airport said several airline check-in systems were out of operation.

- Major US carriers including American Airlines, Delta Air Lines and United Airlines halted flights on Friday morning, citing communication issues. American Airlines later said it had re-established operations. Frontier and Spirit cancelled directives to ground planes.

- Ryanair said it had cancelled a small number of flights.

- An SAS spokesperson said the Scandinavian airline was expecting delays.

- Qantas and Sydney Airport said planes were delayed but still flying.

- Swiss air traffic control company Skyguide said it had temporarily reduced Swiss air traffic capacity by 30%.

- Roughly 90% of flights at London Gatwick Airport and London Stansted Airport had been delayed or cancelled.

- Indian carriers including SpiceJet, Indigo, Akasa Air, Vistara, Air India and Air India Express were also experiencing problems on Friday.

- Philippines’ Cebu Pacific Air said it was facing technical issues and system downtime due to the Microsoft outage.

Financials

- Australia’s largest bank, Commonwealth Bank, said earlier issues affecting PayID instant transfers had been resolved. Services including Netbank, the CommBank app, CommBiz, merchant payments and ATMs were available.

- Several major oil and gas trading desks in London and Singapore were struggling to execute trades, six industry sources told Reuters. The Singapore Exchange said some services including its price feed web service were momentarily impacted.

- Macquarie Capital was unable to provide liquidity for unexpired warrants on HKEX.

- Services of South African lenders Capitec Bank and Absa were fully restored after experiencing disruptions.

- London Stock Exchange Group’s Workspace news and data platform suffered an outage that affected user access worldwide, causing disruption across financial markets. It said in a client memo that technical problems on FX spot and forward rates had been resolved and services restored.

- Some brokerages in India were facing technical difficulties, traders at the brokerages told Reuters.

- German insurer Allianz said it was experiencing a major outage that was impacting employees’ ability to log on to their computers.

- Some German banks were facing disruptions, a spokesperson for the Deutsche Kreditwirtschaft financial industry association said on Friday, without providing details.

- Barclays said its Smart Investor digital investing platform had been impacted.

- Brazilian lender Bradesco said its digital platforms were unavailable on Friday.

Media

- Britain’s Sky News resumed broadcasting after an hours-long outage but was operating at minimal capacity and without many of its usual services.

- Australia’s state broadcaster, ABC, said it was experiencing a “major network outage”, without giving a reason.

- Regular programming at Sky News Australia was disrupted.

Emergency services, healthcare

- England’s National Health Service said bookings of doctor appointments and patient records were disrupted, but emergency services had not been affected.

- Several hospitals in the Netherlands had to scale down their operations, Dutch press agency ANP reported.

- Victoria state police in Australia said some internal systems had been hit, but emergency services were operating normally.

- Copenhagen’s fire department said on X it was experiencing problems receiving automatically transmitted fire alarms, and urged people to call 112 in case of a fire.

- Two hospitals in the northern German cities of Luebeck and Kiel cancelled elective operations scheduled for Friday.

- Non-profit US hospital chain Mass General Brigham said the outage affected many of its systems. Due to the severity of the issue, it cancelled all previously scheduled non-urgent surgeries, procedures and medical visits for the day.

- Quest Diagnostics said its patient services and customer contact teams in the US were operating with reduced capacity and patients might experience longer waiting and service times.

- US laboratory service provider Labcorp said the outage was impacting some of its business systems, call centre operations and results delivery, including physician and patient portals.

- Hospital operator Providence said it restored a key functionality allowing nurses, physicians and caregivers across the US to access patient records and perform clinical documentation, but other clinical applications and workstations were still impacted.

Shipping and logistics

- Maersk said the outage affected some of its operated terminals, but all were back in operation within a few hours.

- FedEx said it experienced substantial disruptions throughout its networks and warned of potential delays for package deliveries with a delivery commitment of July 19. Rival UPS also warned of potential delivery delays.

- Railroad operator Union Pacific said the CrowdStrike software outage had “varying levels of impact” across its network, but backup protocols helped it communicate with its teams and dispatchers.

Others

- Critical infrastructure in Germany had been affected, an interior ministry spokesperson said.

- Australia’s Telstra Group was facing disruptions to some of its systems, a spokesperson for the telecom firm told Reuters.

- The Baltic Hub container terminal in the Polish city of Gdansk said it was hit by the global outage in Microsoft systems and was working to solve the issue.

- The Paris Olympics organising committee said the cyber outage was slowing its operations, but the impact was limited and ticket sales were unaffected.

- The United Arab Emirates foreign ministry said its electronic systems were functioning normally again.

- Maruti Suzuki, India’s largest carmaker, said it briefly halted production and despatch operations. It resumed operations and did not expect a material impact from the incident.

- Port Houston said two of its terminals experienced system failures as part of the global tech outage. All systems were later up and running.

- US telecom giant Verizon initially said “global IT issues” might impact some of its services and store operations could be limited, but its network was not impacted.

- Football club Manchester United said on X that it had to postpone a scheduled release of tickets.

- with Reuters