Airlines were gradually coming back online Saturday after global carriers, banks and financial institutions were thrown into turmoil by one of the biggest IT crashes in recent years, caused by an update to an antivirus program.
Passenger crowds had swelled at airports on Friday to wait for news as dozens of flights were cancelled and operators struggled to keep services on track, after an update to a program operating on Microsoft Windows crashed systems worldwide.
Multiple US airlines and airports across Asia said they were now resuming operations, with check-in services restored in Hong Kong, South Korea and Thailand, and mostly back to normal in India, Indonesia and at Singapore’s Changi Airport as of Saturday afternoon.
“The check-in systems have come back to normal (at Thailand’s five major airports). There are no long queues at the airports as we experienced yesterday,” Airports of Thailand president Keerati Kitmanawat told reporters at Don Mueang airport in Bangkok.
The widespread disruptions highlighted the fragility of critical global infrastructure that has become increasingly dependent on a small number of technology companies.
Microsoft said the issue began at 1900 GMT on Thursday, affecting Windows users running the CrowdStrike Falcon cybersecurity software. CrowdStrike said it had rolled out a fix but it could take a few days to return to normal.
“The scale of this outage is unprecedented, and will no doubt go down in history,” said Junade Ali of Britain’s Institution of Engineering and Technology, adding that the last incident approaching the same scale was in 2017.
While some airports halted all flights, in others airline staff resorted to manual check-ins for passengers, leading to long lines and frustrated travellers.
The US Federal Aviation Administration (FAA) initially ordered all flights grounded “regardless of destination”, though airlines later said they were re-establishing their services and working through the backlog.
India’s largest airline Indigo said operations had been “resolved”, in a statement posted on X. But low-cost carrier AirAsia said it was still trying to get back online, and had been “working around the clock towards recovering its departure control systems (DCS)” after the global outage.
Banks in Kenya and Ukraine also reported issues with their digital services, while some mobile phone carriers were disrupted and customer services in a number of companies went down.
CrowdStrike’s boss George Kurtz told US news channel CNBC he wanted to “personally apologise to every organisation, every group and every person who has been impacted” by the glitch.
The White House said US President Joe Biden’s team was talking to CrowdStrike and those affected “and is standing by to provide assistance as needed”.
Experts said the incident should prompt a widespread reconsideration of how reliant societies are on a handful of tech companies for such an array of services.
“We need to be aware that such software can be a common cause of failure for multiple systems at the same time,” said John McDermid, a professor at York University in Britain. “Infrastructure should be designed to be resilient against such common cause problems.”