• Computer networks are coming back online around the world - including NZ banks’ apps and payment systems - following a global tech outage of historic proportions.
• The problem was caused by a flawed update issued by CrowdStrike, a cybersecurity firm whose software is used by many large organisations, including banks, airlines and emergency service providers.
• CrowdStrike issued a fix late yesterday evening, which most organisations were able to successfully implement - but experts warn individual PCs might need to be manually updated by tech staff, which could take days for some organisations. Banks warn of lingering issues with balances.
• JetStar cancelled flights this morning.
  The flawed update only hit Microsoft Windows systems - with many users worldwide seeing the “blue screen of death” as their computers crashed and could not be restarted. Apple and Linux systems were unaffected.
• The GCSB’s National Cyber Security Centre warned that while it was a glitch rather than a cyber attack, “There has been an observed increase in phishing referencing this outage as opportunistic malicious cyber actors seek to take advantage of the situation”.

Computer systems are coming back online following a single software update by cybersecurity firm CrowdStrike that caused global chaos – illustrating the fragility of interlinked computer systems in today’s world.

A CrowdStrike update, which fixes the glitch, is now being implemented by organisations worldwide.

KiwiBank said in an 11.45pm update last night: “Our tech teams have worked hard and have our app and internet banking systems available again though there may be some residual delays to interbank transfers.”

On social media, at least one customer has complained about double-charging. Banks warn of issues with balances as they resolve last night’s glitches.

ASB said today that its mobile app, FastNet Classic and FastNet Business services were now back up and running with some limited functionality.

“Unfortunately due to the global tech issue, some customers may find issues with account balances and transactions, and our team is continuing to work with the impacted supplier to resolve this.”

ANZ told the Herald this morning that all of its systems had been restored overnight, but a spokeswoman qualified: “For customers who were expecting a payment from another bank overnight there may be a delay while a small number of disrupted payments are processed. This would be automatic payments, bill payment and direct debit payments. All outgoing ANZ payments have been processed.”

 

 

Friday evening saw long queues at retailers, with Woolworths shutting some of its stores and halting online orders. Online shoppers at multiple retailers have been warned of probably delivery delays today.

Civil Defence said in a late Friday night update that it was implementing the CrowdStrike patch. 111 calling and other systems were operational.

 

Air New Zealand reported last night that all of its flights were running to schedule, but that some customers were having payment issues due to the outage. The Civil Aviation Authority reported no delays to flights in New Zealand, but warned of possible problems today with the flow on effect from countries – including the US – where flights were grounded for much of Friday.

Jetstar was impacted, with the airline cancelling all flights until 2am Saturday morning - forcing passengers to sleep at Wellington Airport - then two flights to Australia at 6.15am and 7am. Auckland Transport reported HOP card payments were down. Multiple councils reported problems with their IT systems.

 

Who is CrowdStrike?

The global outages, which saw many hospitals revert to manual systems, broadcasters including Sky News UK forced off-air, travel chaos and long queues at many service stages or supermarkets on Friday from around 5pm NZT, was caused not by a cyberattack - but by software designed to stop it.

The Austin, Texas-based CrowdStrike makes cybersecurity software including Falcon – which monitors an organisation’s IT systems for hacking attempts, viruses and other threats.

It was a bug in a Falcon update late on Thursday NZT that caused global mayhem.

CrowdStrike, founded in 2012, says that its customers include 298 of the firms in the Fortune 500, eight out of 10 of the world’s largest financial services firms and six of the 10 largest healthcare providers.

 

Manual fix could take days

CrowdStrike issued a fix early Friday evening NZT, but it took hours for many organisations to implement. And cybersecurity experts warn that because individual Windows PCs must be updated manually, it could be days before some systems are fully recovered.

“The fix CrowdStrike has given is quite manual and may be difficult, in some cases, to deploy at large scale,” said Simo Kohonen, founder of Finland-based network security company Defused.

 

And CyberCX executive director for strategy and risk Dan Richardson told the Herald, “Smaller organisations that are not monitoring their systems and security 24/7 may not even realise they have a problem until they come into work on Monday, so we’re unlikely to see this issue fixed for everyone for some time.”

Richardson added, “This is quite possibly the largest outage in history. It’s a small piece of software that just happens to be in millions of computers around the world and we’re seeing the impacts of that across every section of the economy today.

“This is a reflection of how connected we are now – when an important piece of software has a problem, we see massive impacts. Given the complexity of large IT environments we are likely to see a longtail of impacts across the New Zealand economy for some time.”

 

 

Slow apology

Cloudstrike CEO George Kurtz took flak on social media for his post announcing a fix – in which he failed to apologise for his firm causing worldwide mayhem.

But shortly before midnight NZT, Kurtz appeared on NBC’s Today show, where he said: “We’re deeply sorry for the impact that we’ve caused to customers, to travellers, to anyone affected by this.”

And six hours after his initial post, he penned a mea culpa on X too.

A Daily Telegraph reporter who visited CrowdStrike’s Australia-NZ headquarters in Sydney at 5.08pm yesterday found the office empty. One staffer turned up shortly after.

He said he was told employees work remotely on Fridays.

Billions wiped from market cap

CrowdStrike earned just over $140m from the Australian and NZ markets last year - up from $75m in 2022 - according to Companies Office records. But only $4m of the total was booked on this side of the Tasman.

Tech commentator Peter Griffin told RNZ that some tech companies are “shipping software without doing all the checks and they could pay a big penalty for it.” He saw the problem potentially getting worse as big companies ate smaller ones and AI accelerating the race to rollout new software.

It was not immediately clear if CrowdStrike would face any penalty from regulators if it proved it had pushed out an update with insufficient due diligence.

But the market delivered an immediate verdict.

The cybersecurity firm’s shares were down 11% in early Nasdaq trading, wiping some US$10.8 billion ($18.9b) from the tech giant’s market cap.

Microsoft - which suffered an unrelated cloud outage to its 365 products, including Teams, that overlapped with CloudStrike’s failure - saw its shares relatively unaffected, down 0.5% in line with a broader market dip.

“Earlier today, a CrowdStrike update was responsible for bringing down a number of IT systems globally. We are actively supporting customers to assist in their recovery,” a Microsoft spokesperson said.

Cybersecurity expert and founder of the ASafaWeb security analysis firm Troy Hunt said it was “the largest IT outage in history”. Hunt posted to X, in reference to the sweeping nature of the outage: “This is basically what we were all worried about with Y2K, except it’s actually happened this time.”

Chris Keall is an Auckland-based member of the Herald’s business team. He joined the Herald in 2018 and is the technology editor and a senior business writer.