On Friday 19 July, a worldwide IT outage caused flights to be grounded, GP appointment systems to stop and payment systems to halt. London taxi drivers could not take card payments and Sky News went off air. The billboards in Times Square, New York, went dark.
The cause of this major disruption was a failure in the security software CrowdStrike which is used by business, healthcare and government services worldwide. When CrowdStrike pushed its latest software update to customers worldwide, it caused a major bug resulting in Windows computer systems immediately crashing and displaying the so-called ‘blue screen of death’, a critical error message. Microsoft estimated that around 8.5 million Windows systems were disabled by the outage. ‘This is basically what we were all worried about with Y2K [a predicted global computer outage at the turn of the millennium], except it’s actually happened this time,’ tweeted Troy Hunt, a cybersecurity consultant.
CrowdStrike is an IT company based in the US state of Texas, which had a market value of $83bn, until its share value declined 19% following the outage. Its product, Falcon Sensor, is an Endpoint Detection and Response (EDR) solution, intended to block hackers and malware (computer viruses). It is a complex software requiring privileged access to parts of a computer to do its job. EDRs like CrowdStrike are often listed as a requirement, essentially a box ticking exercise, in business contracts to safeguard against cyber-attacks. According to the company’s website, CrowdStrike is utilised by 298 Fortune 500 companies, 43 out of 50 US states, and eight of the top 10 firms in the food and beverage, automotive, financial services, and technology sectors. It holds 24% of the EDR market share and its owner George Kurtz owns a $4.2 billion stake in the firm.
The outage forced airlines including United, Delta, American Airlines and Ryanair, Europe’s largest airline, to ground flights. In the US over 2,000 flights were cancelled on Friday morning. Check-in services and departure boards were broken leading to delays at many airports including in Berlin, Edinburgh, London, Manchester and across Spain. In Britain train lines such as Govia Thameslink, Avanti West Coast, Great Western Railway, Hull Trains, and more, were disrupted causing delays and problems with departure boards.
GPs reported being unable to accept any new appointments as their Medical Management System and patient records systems were affected. Online booking and phone lines were also down. This placed huge pressure on 999, which received more than its entire 24 hours quota of calls before 2pm. A critical incident was declared at the Royal Surrey hospital as it struggled to conduct radiotherapy appointments due to the Varian oncology system going down. The NHS spent £130m on new radiotherapy equipment in 2019, including on equipment from Varian.
In South Africa two major banks said customers reported being unable to use their cards at grocery stores, petrol stations or use ATMs. British banks like Monzo and Metro Bank reported problems with phone lines and card payments. A major container hub in Gdansk, Poland, had to close entry gates and business was suspended. Car manufacturer Tesla had to halt some production lines.
In the US states of Alaska, Arizona, Indiana, Minnesota and Ohio, emergency services operating via the 911 number were not able to take calls. All of Maryland’s judiciary systems were closed except for ‘emergency matters’. Payroll software companies rushed to fix their systems before the next end of month payroll date.
The financial damage caused globally by the outage is estimated to be at least $10bn. Due to the ever growing monopoly of the technology industry, companies are forced to base their entire infrastructure around a single provider, ‘for operating system, cloud, productivity, email, chat, collaboration, video conferencing, browser, identity, generative AI and increasingly security as well,’ as stated by CrowdStrike vice-president, Drew Bagley. Bagley is referring to Microsoft which dominates the world’s IT systems. Both Microsoft and Amazon dominate the cloud-computing business where many companies and governments store and process data. Both companies rank in the top five worldwide for total market value of outstanding shares of stock (‘market cap’), alongside Apple, NVidia and Alphabet (Google).
Services and businesses often rely on systems which utilise hundreds of machines to operate. These computers often run in data centres in varied and remote locations. Despite a fix for the Crowdstrike bug becoming rapidly available, it had to be manually installed on servers by engineers on site or guided by remote engineers. Some engineers reported they could not reboot systems because they did not have the required encryption keys, which were also stored on systems that were down (The Register, 19 July). Some organisations may have thousands of PCs in different locations which require fixing, a process that could take weeks.
The episode has revealed that the world capitalist system is heavily reliant on a monoculture of digital systems, which are increasingly complex and vulnerable to bugs and malware which can result in catastrophic failure. In the tech industry and across the workforce, workers are being laid off in record numbers in the race for profits, as companies turn to cloud and AI systems. Workers are still required for services to operate, yet find themselves increasingly alienated from the systems they must manage. Businesses are facing ever increasing IT costs, for cloud, back-up and operation, having to invest deeper into contingencies to avoid outages that disrupt profits. Due to the increasing reliance on digital systems, businesses and governments face an increased risk of cyber-attacks, so are forced to push out global software updates quicker to reduce vulnerability. Systems are so complex and automated, often workers have no way to fix them. Centralised IT systems, designed for profit over all human need, safety and well being, like the means of production as a whole, will continue to crash catastrophically unless seized and put to rational use by the working class.
Anthony Rupert
