Australian banks, supermarkets, airports and many other businesses have been rocked by a .
The outage struck on Friday and is believed to have been caused by an issue at CrowdStrike — a United States-based cybersecurity company.
Multiple industries around the world were impacted, with computer systems shut down and public services disrupted.
Here’s what we know.
What caused the outage?
It has been widely reported that the issue appeared to be affecting computers running Microsoft Windows, and caused them to generate what is known as the ‘blue screen of death’ — which signifies a complete system failure.
CrowdStrike CEO George Kurtz said the issue was caused by “a defect found in a single content update” and was not a security incident or cyberattack.
“Today was not a security or cyber incident. Our customers remain fully protected,” he wrote on X.
“We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption.”
Earlier, he said the issue had been identified and isolated, and a fix had been deployed.
In a blog post, CrowdStrike said the crashes were related to its Falcon sensor.
“We are working on a technical update and root cause analysis that we will share with everyone as well,”
National Cyber Security Coordinator Michelle McGuinness said on social media that the outage began at about 3.30pm AEST on Friday.
What is a Falcon sensor?
CrowdStrike did not appear to detail this in the reported statement, but its website describes it as a system that offers “real-time threat protection”.
The company’s website says the CrowdStrike Falcon is purpose-built to stop breaches via a unified set of cloud-delivered technologies that prevent “all types of attacks”.
“Falcon is what is known as an Endpoint Detection and Response platform, which monitors the computers that it is installed on to detect intrusions (i.e., hacks) and respond to them,” said Toby Murray, an associate professor at the University of Melbourne’s School of Computing and Information Systems, in a statement distributed by the Australian Science Media Centre.
“That means that Falcon is a pretty privileged piece of software in that it is able to influence how the computers it is installed on behave.”
A ‘blue screen of death’ — which signifies a complete system failure — is seen at a Big W in Brisbane. Source: AAP / Jono Searle
What could have caused the Falcon sensor issue?
Experts say it was most likely caused by a faulty update, not a hack.
Scott Jarkoff, former director of threat intelligence for the Asia Pacific, told the Australian Financial Review he did not believe it was a hack and instead was a “bad update pushed out to the sensor”.
Jarkoff told the newspaper he believed it would likely have affected those with automatic updates turned on. He believed that those installing updates manually would only have been affected if they proceeded.
Murray said Falcon was similar to anti-virus software, which is frequently updated to protect against the latest threats.
“We have certainly seen anti-virus updates in the past causing problems,” he said.
The federal government and authorities have also said there was no evidence so far that suggested the outage had been caused by a hack.
“This is a technical issue, caused by a CrowdStrike update to its customers,” Home Affairs Minister Clare O’Neil said in a statement on Friday evening, following a National Coordination Mechanism meeting which she said CrowdStrike attended.
“We can confirm there is no evidence that this is a cyber security incident,” she said.
Jetstar passengers wait as check-in kiosks are closed due to a global IT outage at the Gold Coast Airport. Source: AAP / Farid Farid
How was Australia affected by the outage?
Crowd-sourced website Downdetector listed Telstra, Microsoft, Google, NBN, Foxtel, National Australia Bank, ABC, ANZ, and Bendigo Bank as suffering outages.
The outage also caused problems for Qantas, Virgin Australia, and airports, including those in Melbourne and Sydney.
A Virgin Australia spokesperson said the company was aware of a “large-scale IT outage impacting multiple airlines and other businesses which is having an impact on our operations.”
Coles and Woolworths confirmed to SBS News that operations in their stores had been affected.
Media outlets including the ABC, SBS, Nine, Network Ten, and Sky News also experienced issues.
Even footy fans were hit, with AFL club Essendon warning fans to bring physical tickets so they could get into Docklands Stadium in Melbourne on Friday night.
The Australian National Relay Service confirmed it was working to restore services.
It said it was able to make emergency triple-zero calls, which the federal government said did not appear to be affected.
When will the outage be resolved?
O’Neil said CrowdStrike had deployed a solution to fix the issue.
“The company has informed us that most issues should be resolved through the fix they have provided, but given the size and nature of this incident it may take some time to resolve,” she said.
“Governments are closely engaged at all levels, focused on bringing together the affected parties and ensuring government entities institute the fix as quickly as possible.”
Jetstar warned travellers delays are expected again on Saturday as customers take alternative flights but the airline gave a reassurance that operations are returning to normal.
Melbourne Airport issued a similar statement, warning of congestion at the site due to cancelled or delayed flights overnight.
Other services impacted on Friday like supermarkets where shoppers were forced to abandon trolleys full of goods are back online.
Crowd-sourced website Downdetector listed services like Telstra, Microsoft, Google, National Australia Bank, ABC, Uber, ANZ, and Aldi are back up and running.
There was no impact to triple zero calls or services during the outage, Prime Minister Anthony Albanese confirmed on Friday night.
The financial costs are expected to be tallied by economists over the weekend as they estimate the money lost to businesses.
Additional reporting by Australian Associated Press