Companies and institutions around the world have been taken offline after a major IT outage, likely caused by a faulty update to widely used cybersecurity software.
The outage is “causing disruption to most GP practices” in England, but there are currently no known impacts on 999 or emergency services, NHS England said.
The health service said patients should attend their appointments unless otherwise instructed and should only contact their GP if it is an emergency.
The NHS is aware of a global IT outage and an issue with a GP appointment and patient records system.
If you have an appointment, please come unless you have been told otherwise. If you need help, use 111 online or by phone, and in emergencies call 999.
➡️https://t.co/M4QxHP2GqM
— NHS England (@NHSEngland) July 19, 2024
Major infrastructures including airlines, train companies, banks and media have come to a standstill after their computer systems went offline or devices displayed the so-called “Blue Screen of Death” (BSOD).
In the UK, Sky News was taken off air, while Britain’s largest train operator warned passengers of disruption due to “widespread IT issues”, as did many major airlines and airports.
GP practices across England have reported being unable to make appointments or access patient records because their EMIS web system was down.
The National Pharmacy Association (NPA) also said that “community pharmacy services, including access to GP prescriptions and the supply of medicines, have been disrupted today”.
Around the world, banks, supermarkets and other large institutions reported computer problems that disrupted services. Many businesses were also unable to accept digital payments.
Microsoft has confirmed that it is aware of the issues with its Azure cloud platform and has resolved them. However, many cybersecurity experts have pointed to global cybersecurity firm CrowdStrike as the possible source of the problem. CrowdStrike provides monitoring and protection against cyberattacks to many large companies.
According to experts, a faulty update to CrowdStrike’s Falcon Sensor software could be the cause of the problem.
CrowdStrike has not released a statement on the matter, but calls to the company’s technical support line were answered with a recorded message stating that the company was “aware of reports of crashes on Windows… related to the Falcon sensor.”
CrowdStrike advises affected customers to contact their customer service portal for assistance.
Microsoft confirmed last night that it is investigating an issue with its services and apps. The tech giant’s service status website warned of “service degradation,” meaning users may lose access to many of the company’s most popular services, which are used by millions of businesses and people around the world.
Cybersecurity expert Troy Hunt also reported issues with CrowdStrike. Australian telecom company Telstra posted on X, formerly Twitter, that the global outage was the result of “a global issue affecting both Microsoft and CrowdStrike.”
Ryanair is one of the affected companies. The airline posted the following on its website: ‘Potential network disruptions (Friday 19 July) due to a global outage in an external system.
“Affected passengers are being informed and all passengers travelling across the network on Friday 19 July should check their Ryanair app for the latest updates on their flight.
“We advise passengers to be at the airport three hours before their flight departs to avoid disruptions.
“We regret the inconvenience this third-party IT issue has caused to passengers. It is beyond Ryanair’s control and impacts all airlines operating within its network.”
Edinburgh Airport reports that the IT outage is causing longer waiting times.
A spokesperson said: “Due to an IT system failure, waiting times at the airport are longer than normal.
“This outage has consequences for many other companies, including airports.
“We are working to resolve this and our teams are ready to assist where we can. Passengers are thanked for their patience.”
Meanwhile, Govia Thameslink Railway (GTR), the parent company of Southern, Thameslink, Gatwick Express and Great Northern, warned passengers that delays could occur due to the problem.
According to Downdetector, a website that monitors service status, users reported problems with services from Visa, BT, major supermarket chains, banks, online gaming platforms and media.
GP practices across England have reported on social media that they are unable to access the EMIS web system.
NHS hospitals are reportedly not currently affected by the outage.
EMIS Web is the most widely used clinical system for primary care in the UK.
It offers GP practices the ability to make appointments, view records and includes a clinical decision-making tool. It also helps with administration.
Solihull Healthcare Partnership in the West Midlands said there is a “national problem” with EMIS Web.
On X it said: “Unfortunately there is a national problem with EMIS Web – our clinical computer system.
“This will impact our ability to book/consult patients this morning.”
Windrush Medical Practice in Witney, Oxfordshire, said it was continuing to see emergency cases but urged patients with “routine concerns” to wait until Monday.
Other GP practices affected by the outage have said the problem will have “major implications”.
Central Lakes Medical Group in Ambleside wrote on X: “We are being affected by the IT outage.
“This will have a major impact on us, so apologies in advance for any inconvenience and delays on the phone.”
According to cybersecurity experts, a problem with the platform would have far-reaching consequences, as CrowdStrike’s Falcon Sensor has widespread access to corporate systems.
Toby Murray, Associate Professor in the School of Computing and Information Systems at the University of Melbourne, said: “CrowdStrike Falcon has been linked to this widespread outage. CrowdStrike is a global cybersecurity and threat intelligence company.
“Falcon is what’s known as an Endpoint Detection and Response (EDR) platform, which monitors the computers it’s installed on to detect and respond to intrusions – hacks. That means Falcon is a pretty privileged piece of software, because it can influence how the computers it’s installed on behave.
“For example, if it detects that a computer is infected with malware that causes it to communicate with an attacker, Falcon could potentially block that communication. If Falcon were to suffer an outage, it could cause a widespread outage for two reasons: first, Falcon is widely deployed on many computers, and second, because of Falcon’s privileged nature.
“Falcon is a bit like anti-virus software: it is regularly updated with information about the latest online threats, so that it can better detect them. We have certainly seen anti-virus updates causing problems in the past, for example here.
“It is possible that today’s outage was caused by a buggy Falcon update.”