A global IT outage is still affecting some services on the Isle of Man.
Manx Care has seen several GP practices hit and the Steam Packet Company says it can only currently accept cash payments onboard.
Cybersecurity firm CrowdStrike say they're "actively working" to fix a defect in an update for Microsoft Windows users which sparked the incident.
Andy Cuff is the CEO of Computer Network Defence - which has a base in Ballasalla.
He explains the situation to Siobhán Fletcher.
My name is Andy, I'm the CEO at Computer Network Defence. Hi Andy, so perfect. So today we're talking about this mass IT outage that's caused travel chaos around the world, banking and healthcare services have also been badly hit. For the listeners then, what's actually happened then? Well, it's caused ironically by a cyber security firm called CrowdStrike. They've got a product which is Endpoint Security Product. By Endpoint, it means it sits on your desktop, your servers, etc. But it only affects Windows computers. Now what's happened is that CrowdStrike, those computers with CrowdStrike cyber security software on them, they've performed an update, but what they've pulled down is either a corrupt or badly packaged update, which has caused their computers to fail. Across in England, not that long ago, we saw hospitals hit by a cyber issue. But this today seems sort of impacted all sorts really. Here on the Isle of Man GP practices have been affected. The steam packet have said that they have to accept cash payments only on board today. We briefly saw the weather website, even like the government website, go down earlier. So why does it impact that range of services? It seems to be non-discrimination. It would refer to a supply chain. So basically, with the banks, for instance, there's a lot of banks that use CrowdStrike, and so their systems have been taken down. And therefore, if I don't know whether steam packet are using CrowdStrike, or indeed, whether it's just their banking that's gone down, so if that is the case, then it's not steam packets issue, it's their supply chain. So it's basically their suppliers, in this case, financial. The company behind this, who kind of said, oh, it was awesome, put the hands up and said, you know, faulty upload. Does this now mean that they've put out a new affix almost, and we'll see that rolling out throughout the day? You would hope so. It depends on, because these, the computers are completely, we would call it a blue screen of death, whereby they don't operate. And it depends on how the systems are going to be either rebuilt. They would certainly, almost, certainly need to be restarted, but this is how you'd get those software updates out to those computers. Perfect. And is there anything you think I've missed there or anything else that we think we should explain? No, I think in general, most, certainly on the island, there are one or two issues, but not, it tends to be more supply chain related. So it's not necessarily those systems that are using CrowdStrike, it's those systems that are using businesses that use CrowdStrike, that are unable to supply their services to those computers. Perfect. So the Isle of Man shouldn't worry that this is a widespread thing for specific things. It's almost like that issues further up, and it's just filtering down, obviously, a big thing that it takes Microsoft Windows. I think, yeah, it's, understand. So when the BBC first announced this first thing this morning, they said it was Microsoft 365 that was the problem, and it wasn't. It was basically, it was those systems using Windows that are using CrowdStrike that are affected by it. But as I say, it's also those supply chains. Perfect. Thank you very much for that. I think that's all I've got prepped here. I would also say that the NHS issues, that was a cybersecurity attack, which was, I think if I remember correctly, was ransomware, which encrypted all those hosts in that organization to stop them being used. This is slightly different. CrowdStrike are also saying it's not an attack, it's not a cybersecurity issue, it's just bad software. Right. Okay. So, yeah, it's that differentiation really then. This is just a faulty upload of some software rather than a sort of malicious attack. Yes. Well, according to CrowdStrike's release, that is the case. All right perfect
