CrowdStrike outage: What we know so far about the global IT blackout
What happened?
A global IT outage is affecting businesses, airlines, media outlets, Government agencies and other organisations after a cybersecurity software company encountered a major technical issue.
The widespread outage is linked to CrowdStrike, an American software technology company that touts itself as a “global cybersecurity leader”.
The outage, caused by the company conducting a content update to one of its software security platforms, has experts saying “it could be the biggest computer outage in history”.
Around 3pm AEST, reports began to flood in from organisations that their internet was down and that blue screen errors were popping up on their Microsoft systems. Computers were also crashing, with machines continually restarting.
In an advisory issued to CrowdStrike users, the company stated it was “aware of reports of crashes on Windows hosts related to the Falcon Sensor”. The Falcon Sensor is installed on business computers to gather security data.
“Symptoms include hosts experiencing a bugcheck\blue screen error,” the statement read.
CrowdStrike has since attributed the problem to “a defect found in a single content update for Windows hosts”, adding that Mac and Linux operating systems were not impacted.
The National Cyber Security Coordinator posted to X, formerly Twitter, amid the chaos, saying the outage was likely a technical issue and not cybersecurity-related.
“I am aware of a large-scale technical outage affecting a number of companies and services across Australia this afternoon,” the coordinator said.
“Our current information is this outage relates to a technical issue with a third-party software platform employed by affected companies.
“There is no information to suggest it is a cyber security incident. We continue to engage across key stakeholders.”
What is CrowdStrike?
CrowdStrike is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services.
The software company touts itself as a “global cybersecurity leader with an advanced cloud-native platform for protecting endpoints, cloud workloads, identities and data”.
Its website says “29,000 customers trust CrowdStrike to protect” their data.
What is the Falcon Sensor?
The Falcon Sensor is “a platform purpose-built to stop breaches via a unified set of cloud-delivered technologies that prevent all types of attacks — including malware and much more,” the CrowdStrike website explains.
CrowdStrike Falcon responds to the latest strategies used by “sophisticated attackers” using a “powerful yet lightweight solution that unifies next-generation antivirus, endpoint detection and response, cyber threat intelligence, managed threat hunting capabilities and security hygiene — all contained in a tiny, single, lightweight sensor that is cloud-managed and delivered.”
Cloud-delivered security is a security technology that’s designed to protect critical infrastructure, applications and data in the cloud, as opposed to being installed and maintained on premises.
Who was affected?
Outage alert website Downdetector is reporting a growing list of organisations affected while workers across the world have been hit with a dreaded “blue screen”.
Banks including Bendigo Bank, ANZ, National Australia Bank, Commonwealth Bank, Bank of Queensland and more are all down, with hundreds of user reports flooding Downdetector.
Hospitals and Australian Government agencies including Centrelink and MyGov have also been affected. There were also reports of chaos at retail outlets, with shoppers desperately trying to draw out cash to bypass electronic payment methods.
Multiple media organisations reported issues with networks, including the ABC, SBS, Channel 7, Channel 9 and News Corp Australia.
Flights have also been grounded in the US, Australia and Europe. Sydney Airport and Virgin Australia have told passengers there is a “complete ground stop,” meaning no flights are going in or out of the airport.
Postage and freight deliveries will likely face delays with Australia Post, Amazon and VISA also among the affected organisations.
Downdetector has also listed Telstra, Google, Foxtel and Uber as suffering outages.
It remains unclear how many outlets have been hit by the outage.
What is CrowdStrike doing to fix the problem?
CrowdStrike said its engineering teams were actively working to resolve the issue.
“This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed,” it said in a statement.
The issue affected Microsoft 365 apps and services, and escalating disruptions continued hours after the technology company said it was gradually fixing it.
-- With files from AAP