Hundreds or potentially thousands of companies across Australia and the rest of the world have been hit by a massive IT outage.
So what caused the outage, how long is it going to last, and who has been affected?
This is what we know.
Friday’s disruptions began when a faulty update was pushed out from CrowdStrike for one of its tools, “Falcon”.
In a statement about the ongoing situation, the company said the defect was found “in a single content update for Windows hosts” — noting that Mac and Linux systems were not impacted.
But, because scores of companies rely on CrowdStrike for their security needs with Windows as their operating system, the consequences of this kind of technical problem have been far-reaching.
UNSW Professor Salil Kanhere said it appeared CrowdStrike’s software update had been rolled out globally “without proper testing”.
“This incident appears to violate every good software engineering practice we know,” he said.
“It also points to the need for mechanisms that can protect a computer’s operating system from potentially misbehaving anti-virus software.”
Experts said the disruptions underscored the vulnerability of worldwide dependence on software that comes from only a handful of providers.
It is an ‘all our eggs are in one basket’ situation,” Craig Shue, professor and computer science department head at Worcester Polytechnic Institute, said.
“This lets us make sure our ‘basket’ is high quality: the software provider tries to identify threats and respond to them quickly. But at the same time, if anything goes wrong and the basket fails, we have a lot of broken eggs.”
Was it a hack or cyberattack?
Thankfully, the issue doesn’t appear to have been the result of a hack.
The issue caused many Windows users to get locked into BSOD (blue screen of death) cycles, with the same problem hitting the likes of self-service checkouts at supermarkets, airport check-in screens, ordering terminals at fast food restaurants, and media broadcasting systems.
The issue began in Australia about 3pm AEST, but a Microsoft outage believed to be linked to the wider problems occurred about six hours earlier. That brought low-cost US carrier Frontier Airlines and some competitors to a standstill for hours.
What happens next?
CrowdStrike and Microsoft both said they were working to get systems back online.
In an emailed statement, Crowdstrike said that it was “actively working with customers impacted by a defect found in a single content update for Windows hosts” — adding that a fix “had been deployed” for the identified issue.
Microsoft 365 posted on social media platform X that the company was “working on rerouting the impacted traffic to alternate systems to alleviate impact” and that they were “observing a positive trend in service availability”.
Spokesperson Frank X Shaw later added that the company was “actively supporting customers to assist in their recovery”.
Both CrowdStrike and Microsoft are also appearing to engage IT personnel on official online channels, such as Reddit.
The Australian government’s Cyber and Infrastructure Security deputy secretary, Hamish Hansford, said there was “no reason to panic”. “Over the next hours and days, we hope that this incident will self resolve as technical responses kick in,” he said.
