News
IT outage: Lankan companies affected, but recover soon
View(s):By Tharushi Weerasinghe
Several Sri Lankan companies from the airlines, apparel, and banking sectors came to a standstill on Friday when a global cyber-outage brought multiple industries to a halt.
The outage, one of the world’s biggest to date, occurred when CrowdStrike, an international cybersecurity provider, deployed an update that triggered shutdowns of Microsoft systems worldwide.
“A CrowdStrike update was responsible for bringing down a number of IT systems globally. We are actively supporting customers to assist in their recovery,” a spokesperson for Microsoft South Asia told the Sunday Times. Mac and Linux systems were unaffected.
The national carrier, SriLankan Airlines, which faced disruptions to its online services, said its services were fully restored by 2 p.m. on Friday. Airline officials said their flights were not otherwise impacted.
The Sunday Times found that operations in certain private hospitals and the apparel sector were also interrupted. Industry sources also confirmed that many private bank services like ATMs, core banking, and online banking systems were also disrupted.
“Many of these companies have not officially declared anything based on maintaining customer confidence, but we will be starting investigations on Monday in collaboration with the Central Bank to assess the impact, especially in the banking sector,” said Charuka Damunupola, Lead Information Security Engineer at the Sri Lanka Computer Emergency Readiness Team (SLCERT). About 40 government agencies are expected to submit official reports on whether they have been using CrowdStrike products and any impacts they faced during the outage.
Mr. Damunupola noted that most of the private companies affected managed to resolve the outage with the immediate update that CrowdStrike sent out. “The reset recovery process only failed about 5% of the time.”
Government agencies in Sri Lanka still use relatively more traditional security methods like web application firewalls, endpoint security, and other manual methods. The update sent out was on an extended detection and response product, a cloud-based security system. “We don’t use this because it is expensive, and we try to keep our data in the country as much as possible,” noted Mr. Damunupola.
“What happened today is a freak incident that can happen with any supplier or product,” noted cybersecurity expert Sujit Christy. He said that as systems become more complex, conversations should shift from good or bad vendors to organisational resilience amid cyber emergencies.
He noted that cyber incidents could either be security breaches that allow threats to penetrate systems or update glitches that result in denial of service. “The common denominator is the loss due to data exfiltration, regulatory fines, and recovery costs,” Mr. Christy noted, stressing the importance of considering Recovery Time Objectives (RTO) in resilience planning.
The product that malfunctioned, Falcon Sensor, is a Windows-based cybersecurity tool. The systems affected by the update went into an immediate “blue screen of death”—a colloquial term used to describe a Windows outage blue screen.
CrowdStrike CEO and Founder George Kurtz apologised to customers via social media and the company’s website, clarifying that the incident was not a cyberattack and that a fix was promptly deployed for customer system restoration. Mr. Kurtz also warned customers about malicious websites posing as CrowdStrike representatives and advised using only official channels for updates and assistance.
Thousands of flights were cancelled and tens of thousands delayed, causing long lines at airports across the United States, Europe, Asia, and Latin America. During the peak summer travel season, airlines lost access to check-in and booking services. By late Friday night, the situation began to improve, but there were still residual cancellations and delays due to the cascading impact of the disruption.
Bandaranaike International Airport (BIA) officials, on the other hand, claim that passengers there did not face delays due to the tech outage. “Airlines like IndiGo, which were affected, managed to organise a manual boarding pass system to avoid delays,” Duty Manager Achini Perera said yesterday.
The best way to say that you found the home of your dreams is by finding it on Hitad.lk. We have listings for apartments for sale or rent in Sri Lanka, no matter what locale you're looking for! Whether you live in Colombo, Galle, Kandy, Matara, Jaffna and more - we've got them all!