An unprecedented IT outage caused by a simple software update that crippled companies and services around the country has revealed just how vulnerable Australia’s security infrastructure could be to a malicious attack.
Banks, media outlets, airports, supermarkets, retailers and government services and even hospitals were left scrambling by the outage that hit just after 3pm Australian Eastern Standard Time on Friday.
Australian authorities confirmed the outage was linked to major cyber security firm CrowdStrike and not the result of a malicious cyber attack.
While many breathed a sigh of relief that malicious actors were not responsible, cyber security experts warned the incident exposed a soft and exposed belly of the country’s IT systems.
And not just in Australia, but the world, with companies affected globally in the same way.
“It’s not just a mistake or just an error; this is the worst sort of thing that can happen,” cybercrime professor Richard Buckland, from UNSW’s School of Computer Science and Engineering, said.
“This is more serious than a cyberattack because it shows our systems aren’t even proofed against randomness.”
Monash University cybersecurity professor Nigel Phair described the incident as “unprecedented in scale” and said the outage highlighted the dependencies organisations had on the internet and related online technologies.
The system failure forced the federal government to convene a snap crisis National Co-ordination Mechanism meeting on Friday evening.
“Crowdstrike attended the meeting and we can confirm there is no evidence that this is a cyber-security incident,” Home Affairs Minister Claire O’Neil said on Friday night.
“This is a technical issue, caused by a Crowdstrike update to its customers.”
The company said it had issued a fix for the problem, allowing affected companies and organisations to reboot their systems.
Ms O’Neil said Crowdstrike told ministers that most issues should be resolved through the fix they had provided.
“But given the size and nature of this incident it may take some time to resolve,” she said.
Prime Minister Anthony Albanese said there had been no impact to critical infrastructure, government services or triple-zero services as of 7pm on Friday.
However, numerous flights were cancelled around the country with hundreds of people left stranded at airports while shoppers were forced to leave trolleys full of goods abandoned at supermarket registers.
Crowd-sourced website Downdetector listed Telstra, Microsoft, Google, Foxtel, National Australia Bank, ABC, Uber, ANZ, and Bendigo Bank as suffering outages.
Qantas, Virgin Australia and Jetstar, as well as police forces across much of the country and the federal and NSW governments were also hit.
Point-of-sale machines at shops including Coles and Woolworths were unable to process customer transactions, forcing at least six Woolworths stores to shut.
The financial costs are expected to be tallied by economists over the weekend as they estimate the money lost to businesses.
Crowdstrike CEO George Kurtz said the company was continuing the work with customers “impacted by a defect found in a single content update for Windows hosts”.
“This is not a security incident or cyberattack,” he said in a statement.
“The issue has been identified, isolated and a fix has been deployed.”
He confirmed that only Microsoft systems were affected.
