Sign Up
..... Connect Australia with the world.
Categories

Posted: 2024-07-19 06:43:12

An unprecedented IT outage has affected major institutions in Australia and internationally, potentially one of the biggest global outages ever experienced.

Outages were recorded in the US and New Zealand before the Australia-wide shutdown.

Reports of the Australian outage began flooding in about 3pm AEST.

The global outage impacted a raft of Australian companies and government agencies on Friday afternoon.

The outage hit telco providers, media websites, banks and airlines.

Universities, law firms, Bunnings and blood donation services were also among the places where ABC readers reported experiencing outages.

A line of closed self serve checkouts at a supermarket

Self-serve check-outs closed at a Woolworths in Perth amid the global IT outage.(ABC News: David Weber)

Payment systems caused major disruption at supermarkets and fuel stations.

People were stuck at fuel pumps unable to pay for their petrol.

Supermarket customers sent the ABC photos of self-check-outs with error messages.

And shops were forced to close their doors.

Here's what we know.

What happened?

The outage was quickly linked to the US-based CrowdStrike, one of the largest cybersecurity companies in the world.

The company has software called CrowdStrike Falcon installed on Windows, Mac and Linux systems globally, advertising protection from attacks including credential theft.

"Falcon is the CrowdStrike platform purpose-built to stop breaches via a unified set of cloud-delivered technologies that prevent all types of attacks," the company's website claims.

CrowdStrike launched a software update earlier this week, but an overnight update caused Windows computers to attempt to restart and display a blue-screen error message.

In a statement, the company clarified Mac and Linux hosts were not impacted.

On X, Microsoft said it was investigating the incident.

Cybersecurity expert Andy Prow said any disruption within a CrowdStrike system could affect the whole computer system, impacting laptops, self-check-out terminals and smart devices all at once.

"The bad guys are writing exploits and malware and viruses that get very deep inside your computer," Mr Prow said.

"So, for something like CrowdStrike to work it has to be very deep in your computer."

Yellow signs on the glass door of a bottle shop saying CLOSED

A bottleshop in Perth closed on Friday afternoon due to the global IT outage.(Supplied: Amy Gubana)

He advised the public against removing CrowdStrike systems from their computers, saying the move could expose them to security threats.

Australia's National Cybersecurity coordinator, Lieutenant General Michelle McGuinness, posted a statement on social media saying she was aware of the outage.

"Our current information is this outage relates to a technical issue with a third-party software platform employed by affected companies," she said.

"There is no information to suggest it is a cybersecurity incident. We continue to engage across key stakeholders."

Australian cybersecurity company CyberCX said it was aware of the outage and was advising its customers in Australia and New Zealand.

"We understand that this has been caused by an issue affecting organisations who have installed CrowdStrike Falcon in their IT environments," a CyberCX spokesperson said.

"CrowdStrike is a global cybersecurity company who provide detection and monitoring tools to cyber and IT teams.

"At this time, CyberCX is actively tracking the situation and are awaiting information detailing scope and recovery. "We will continue to support affected customers as this incident evolves."

When will it be fixed?

A blue screen on computer screens in a newsroom

Blue screens took over many corporate offices across Australia on Friday afternoon.(ABC News: Keane Bourke)

CrowdStrike CEO George Kurtz released a statement on X on Friday evening, reiterating the issue was due to a "defect" in a content update for Windows hosts and not a cyber attack.

He assured users the company had deployed a fix.

"We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website," he said.

Hamish Hansford, the deputy secretary from the Home Affairs Cyber and Infrastructure Security Centre, added on X he anticipated the outage to "self-resolve" in "the next hours and days".

"There is no reason to panic, CrowdStrike are on it, it is not a cybersecurity incident and we're working as fast as we can to resolve the incident," he said.

Although CrowdStrike implemented a fix to their software defect, some systems were unable to reboot to receive the update.

In these cases, it needs to be manually applied — which will take some time.

In a statement released on X on Friday evening, Microsoft acknowledged the "residual impact" of the outage on apps and services.

Mr Kurtz told NBC news on Friday night it "could be some time" before computers which were automatically rebooting to recover from the software glitch.

"I want to start with saying we're deeply sorry for the impact that we've caused to customers, to travellers, to anyone affected by this including our company," he said.

"Many of the customers are rebooting the system, and it's coming up and it'll be operational because we fixed it on our end."

"And some of the systems that aren't recovering, we're working with them.  So it could be some time for some systems that just automatically won’t recover."

View More
  • 0 Comment(s)
Captcha Challenge
Reload Image
Type in the verification code above