Australian Home Affairs Minister and Senator Clare O’Neil has said the CrowdStrike outage was a “very serious incident for the Australian economy”.
“I’ve seen it reported that this is the biggest IT outage in world history,” she said during a media conference on 20 July. “It is absolutely possible that that’s the case, certainly the largest in the time I’ve been alive.”
While the official financial impact of the global outage remains unknown as systems attempt to recover, O’Neil said that “this has been a very serious incident for the Australian economy”.
When questioned about the Australian Defence Force and the Future Fund Management Agency’s contracts with CrowdStrike, the Senator did not comment on how this outage would impact the contracts in the future.
According to AusTender, the Future Fund Management Agency’s current contracts with CrowdStrike total over $3.1 million. The vendor will provide software maintenance, IT consultation and support until December 2024.
The Australian Department of Defence also has a software renewal contract with the vendor worth about $1.5 million that will end in December 2025.
The CrowdStrike outage hit global organisations on 19 July, affecting major companies and retail outlets running Microsoft Windows devices.
According to the tech giant, since the initial outage, it has engaged with CrowdStrike to automate its work on developing a solution. The software giant stated it has also deployed hundreds of Microsoft engineers and experts to work directly with customers and collaborate with other cloud service providers, such as Google Cloud Platform (GCP) and Amazon Web Services (AWS).
The blue screen of death was seen on screens in retail outlets and airport flight information boards, with organisations like Foxtel to MyGov, the big four banks and supermarkets also impacted in Australia.
Across the Tasman, the NZ Herald reported that Kiwis were experiencing issues with banking and transport services, including delayed flights.
While retail and supermarket checkout systems had gone down, some New Zealand-based Countdown stores closed entirely.
On 20 July, CrowdStrike CEO George Kurtz released a statement apologising to “all of you for the outage”.
“All of CrowdStrike understands the gravity and impact of the situation. We quickly identified the issue and deployed a fix, allowing us to focus diligently on restoring customer systems as our highest priority,” Kurtz said.
He explained that the outage was caused by a defect in a Falcon content update for Windows hosts. However, Mac and Linux hosts were not impacted and said this was not a cyberattack.
In a LinkedIn post, CrowdStrike chief security officer Shawn Henry wrote that “thousands of our team members have been working 24/7” to restore customer systems fully.
“I think there’s going to be a time for CrowdStrike to come forward and account for the problem that occurred and the way in which the remediation has occurred,” she said. “The Australian government, of course, will look at what’s occurred post this event.”
According to O’Neil, the National Coordination Mechanism, which brings together critical Australian infrastructure providers during a national crisis, was triggered when CrowdStrike’s update error caused the global IT outage.
“CrowdStrike issued an update to a subset of their customers,” she said. “That update had an error in it which caused effectively system outages for computers that it was pushed to, so computers that were online at that time.”
Although the bug fix was provided shortly after the event, systems took time to return to normalcy.
“The issue here is just the breadth of people using this particular software and the time it takes to build and bring major systems back online,” said O’Neil.
The financial impact of the CrowdStrike falcon sensor bug has yet to be calculated, although it has caused significant issues for most customer‑facing systems.
However, according to the Senator, not every organisation was affected by this outage.
“There will be a couple of reasons why some providers weren’t affected at all,” she said. “Some of them will not have been running the system of CrowdStrike that this affected, so this did not affect all types of CrowdStrike systems.”
Some that had interactions in software internally in their systems, so some of them won’t have been affected, but for others of them, they will have been affected, but they’ve got good business processes that allow them to continue to function.”
The Senator said the outage disrupted government services. However, the most important services, “those that deal with vulnerable people and those around Emergency Services,” were still able to function, she added.
The Australian Signals Directorate (ASD) has also released an alert associated with the global IT outage.
While the outage itself was not caused by malicious actors, this hasn’t stopped cyber criminals from taking advantage of the situation.
According to the ASD’s Australian Cyber Security Centre (ACSC), a number of malicious websites and unofficial codes are being released claiming to help entities recover from the widespread outages caused by the CrowdStrike technical incident.
The ACSC encourages organisations to continue to apply updates and patches to software and security products.