As airlines recover from Crowdstrike/Microsoft crash, importance of robust backup plans is clear
The global computing outage on Friday caused by a faulty software update underscores the need for the public and private sectors in Thailand to have business continuity plans to ensure their operations are not interrupted, says the head of the National Cyber Security Agency (NCSA).
The CrowdStrike failure caused huge headaches for airlines worldwide and in Thailand, though Aeronautical Radio of Thailand (Aerothai) was not impacted, Air Vice Marshal Amorn Chomchoey told the Bangkok Post.
Hospitals experienced some impact but their computer emergency response teams had already fixed the problems, he added.
Nevertheless, the outage serves as a wake-up call to organisations, particularly those that operate critical information infrastructures, to have continuity plans in place to ensure safety, security and continuity.
Organisations need to ensure their people are familiar with any manual processes needed to handle disruptions and malfunctions, with backup plans in place, particularly in service areas, said AVM Amorn.
Moreover, the country’s critical information infrastructure must have more than one backup plan.
AVM Amorn said the Cybersecurity Act requires those operating critical information infrastructure to have a business continuity plan. The NCSA will audit them to determine whether their plans are viable, he added.
Airlines were gradually coming back online on Saturday after global carriers, financial institutions, healthcare providers and others were thrown into turmoil by one of the biggest IT crashes in recent years, caused by an update to a CrowdStrike antivirus program used by Microsoft’s cloud services.
Paiboon Amonpinyokeat, an expert in intellectual property and information technology law, said that in the case of the Microsoft/CrowdStrike incident, organisations could bring a lawsuit under the Civil and Commercial Code if a company is suspected to have violated a service-level agreement because of an outage.
If the company does not have a local office, the lawsuit can be filed with its local representatives. Affected organisations can also sue under the Personal Data Protection Act, which covers data loss, breaches and availability.
The CrowdStrike/Microsoft crash did not affect Thailand’s cellular, internet, communication and air navigation systems, the Digital Economy and Society (DES) ministry said on Saturday.
However, many business systems in Thailand were disrupted, and the ministry is working with the NCSA to assess and mitigate the damage, said minister Prasert Jantararuangthong.
Meanwhile, the departure control systems of some airlines affected by the outage resumed normal operations at 11am on Saturday, and the check-in process was back to normal, according to Airports of Thailand (AoT) director Kirati Kijmanawat.
He said that about 200 flights were affected by the outage but no passengers were left stranded. Some flights were delayed by one to three hours, and only one Bangkok–Osaka flight was cancelled, with passengers receiving compensation or replacement flights.
AoT has put on standby additional resources for three days to prepare for any new emergency, and passengers are advised to arrive three hours at the airport before departure time, he said.
Aerothai president Nopasit Chakpitak said its air traffic management system is secure and was not affected by the global outage.
Aerothai’s Windows PCs were not affected by the tech failure either, he added.
At 10.30am yesterday the Fly AirAsia Facebook page was asking passengers to check in online in advance for a smoother travel experience.
Passengers who need to check in at a counter are recommended to arrive at least three hours before their scheduled departure time, it said.
Passengers without checked-in baggage or who have checked in online and have their boarding pass can proceed directly to the boarding gate to avoid congestion at check-in counters, it added.
