Hundreds or potentially thousands of companies across Australia and the rest of the world have been hit by a massive IT outage.
So what caused the outage, how long is it going to last, and who has been affected?
What happened and what caused the outage?
Friday’s disruptions began when a faulty update was pushed out from CrowdStrike for one of its tools, “Falcon”.
In a statement about the ongoing situation, the company said the defect was found “in a single content update for Windows hosts” — noting that Mac and Linux systems were not impacted.
But, because scores of companies rely on CrowdStrike for their security needs with Windows as their operating system, the consequences of this kind of technical problem have been far-reaching.
UNSW Professor Salil Kanhere said it appeared CrowdStrike’s software update had been rolled out globally “without proper testing”.
“This incident appears to violate every good software engineering practice we know,” he said.
“It also points to the need for mechanisms that can protect a computer’s operating system from potentially misbehaving anti-virus software.”
Experts said the disruptions underscored the vulnerability of worldwide dependence on software that comes from only a handful of providers.
“It is an ‘all our eggs are in one basket’ situation,” Craig Shue, professor and computer science department head at Worcester Polytechnic Institute, said.
“This lets us make sure our ‘basket’ is high quality: the software provider tries to identify threats and respond to them quickly. But at the same time, if anything goes wrong and the basket fails, we have a lot of broken eggs.”
Was it a hack or cyberattack?
Thankfully, the issue doesn’t appear to have been the result of a hack.
The issue caused many Windows users to get locked into BSOD (blue screen of death) cycles, with the same problem hitting the likes of self-service checkouts at supermarkets, airport check-in screens, ordering terminals at fast food restaurants, and media broadcasting systems.
The issue began in Australia about 3pm AEST, but a Microsoft outage believed to be linked to the wider problems occurred about six hours earlier. That brought low-cost US carrier Frontier Airlines and some competitors to a standstill for hours.
CrowdStrike and Microsoft both said they were working to get systems back online.
In an emailed statement, Crowdstrike said that it was “actively working with customers impacted by a defect found in a single content update for Windows hosts” — adding that a fix “had been deployed” for the identified issue.
Microsoft 365 posted on social media platform X that the company was “working on rerouting the impacted traffic to alternate systems to alleviate impact” and that they were “observing a positive trend in service availability”.
Spokesperson Frank X Shaw later added that the company was “actively supporting customers to assist in their recovery”.
Both CrowdStrike and Microsoft are also appearing to engage IT personnel on official online channels, such as Reddit.
In the long-term, experts say that the outage should act as a wake-up call for businesses and governments.
“This crisis calls for immediate collaborative action to enhance resilience through robust safeguards and fail-safes, especially in life-critical networks,” the University of Sydney’s Dr Shumi Akhtar said.
“As we increasingly pivot to a future dominated by digital and AI innovations, this outage is a resounding wake-up call: we must fortify our digital bastions to safeguard against such catastrophic interruptions, ensuring our readiness and security in an interconnected era.”
From an Australian perspective, it highlights our reliance on overseas IT providers.
“In Australia, many businesses and organisations have found that their software systems have failed due to the software system outage,” Dr Mark Gregory from RMIT University said.
“The reliance on centrally managed global software solutions can lead to significant security risks.
Australian governments have, for too long, acquiesced to companies that store Australian data overseas and manage critical systems from global headquarters out of Australian jurisdictions.”
Are triple zero, ambulances, hospitals and other healthcare services impacted?
In Australia at least, it appears healthcare systems have largely avoided the impacts of the outage.
Prime Minister Anthony Albanese said the nation’s critical infrastructure and triple zero services are unaffected.
“There is no impact to critical infrastructure, government services or triple zero services at this stage,” he said.
“The National Coordination Mechanism has been activated.”
Telstra also confirmed triple zero centres are still working.
“There’s no impact to calls to our triple zero call centres or our fixed and mobile network,” the telco said.
Similarly, NSW Health says its systems are unaffected, and Ambulance Victoria is okay too.
What sites and companies are impacted?
The list of businesses impacted by the outage in Australia is long and wide-ranging.
It includes supermarkets Coles and Woolworths, while there was chaos at airports including Sydney and Melbourne with Qantas, Jetstar and Virgin all affected.
Many media companies have also been hit, including 9News, the ABC, SBS and Sky News.
So have fast-food restaurants like KFC, and a range of banks including Bendigo, Commonwealth, and NAB.
Some other companies we know have been affected include Service NSW, Dan Murphy’s, Xero, TAB and 13Cabs.
Overseas, the impacts are widespread, with the likes of the London Stock Exchange, Berlin Airport, and Microsoft 365 all experiencing serious issues.
– Reported with Associated Press
Discussion about this post