'Teething issues' following CrowdStrike outage could take 'one or two weeks' to resolve, Clare O'Neil says (2024)

Home Affairs Minister Clare O'Neil says it may take one to two weeks to get all affected sectors back online following Friday's major IT outage, caused by a software update by global cybersecurity firm CrowdStrike.

The update triggered systems problems that grounded flights, forced broadcasters off air and left customers without access to services such as health care or banking.

"There has been a huge amount of work over this weekend to get the economy back up and running," Ms O'Neil said.

"However, it will take time until all affected sectors are completely back online. In some cases, we may see teething issues for one or two weeks."

'Teething issues' following CrowdStrike outage could take 'one or two weeks' to resolve, Clare O'Neil says (1)

There was no impact on critical infrastructure and government services, and triple-0 and emergency services remained "completely operational", Ms O'Neil said.

The minister confirmed the National Coordination Mechanism and CrowdStrike had convened for another meeting on Sunday morning to discuss the ongoing issues caused by the outage.

"CrowdStrike informed the meeting this morning that they are now close to rolling out an automatic fix to the issue with their update, as is Microsoft. This should increase the speed at which systems across the economy are back online," Ms O'Neil said.

While some supermarkets were still experiencing issues, there was no fear of food shortages and no need to stockpile, she said.

Ms O'Neil warned the public to be "extremely cautious" of scammers trying to capitalise on the outage.

"Examples that have been reported include people posed as airlines offering to resolve issues with delayed flights and criminals posing as technical support offering to fix affected technology," she said.

She urged people to look after vulnerable people in their circles, including elderly relatives, and to report any suspicious emails, texts or calls to Scamwatch.

Over 8 million computers disabled, Microsoft estimates

Microsoft estimates about 8.5 million computers around the world were disabled by the outage.

In a statement, Microsoft estimated the error affected 1 per cent of Windows computers worldwide.

'Teething issues' following CrowdStrike outage could take 'one or two weeks' to resolve, Clare O'Neil says (2)

It is the first time a number has been put on the incident, which is still causing problems globally.

CrowdStrike caused the chaos when it sent out a corrupted software update to its customers, sending computer systems crashing.

Companies and consumers are now being warned criminals could try to take advantage of the confusion by making bogus offers for so-called "fixes".

The number given by Microsoft means it is probably the largest-ever cyber event, eclipsing all previous hacks and outages.

The National Co-ordination Mechanism — made up of government agencies and representatives from affected sectors — is meeting to discuss the next steps in Australia's "recovery stage" of the outage.

Assistant Energy Minister Jenny McAllister said work was ongoing between the government and sectors hit by the outage to ensure they were back up and running.

"We are still in a recovery stage … there is still more work to do to make sure that the residual issues arising from this outage are able to be addressed," she told Sky News on Sunday.

"There will be an opportunity in time to reflect on what's occurred over the last couple of days, whether it exposes vulnerabilities that we are able to address."

Most companies affected by the outage were operational again by Saturday.

A 'learning experience', but no compensation

Australian Chamber of Commerce chief executive Andrew McKellar said businesses were unlikely to receive money for the loss in productivity.

"For many businesses, it's going to be very difficult to secure direct compensation, but obviously, that's something that should be looked at," he said.

"If there are ways to consider how that might be evaluated, then obviously that's something that should be on the table.

"It is a reminder, regrettably, for a lot of businesses this is going to be water under the bridge, it's going to be a learning experience."

Call to improve 'national resilience'

David Cullen, from the Australian peak body for cybersecurity executives CISO, said the federal government should consider a review of cybersecurity and software systems in the wake of the outages.

Loading...

He said lessons must be learnt to ensure similar vulnerabilities were prevented.

"Once our systems and services are back to normal across the country, governments and private industry should really take the opportunity to learn as much as we can from this event to understand how we improve that national resilience and how we can reduce the risk of further disruption like those we've just experienced," he said.

However, Oxford University management professor Ciaran Martin, a former chief executive of the UK's National Cyber Security Centre, said many governments would be powerless to take steps to prevent such breakdowns "because we have become dependent on a very American version of technology".

'We've got to be continually at our best'

Shadow treasurer Angus Taylor said CrowdStrike's failure was a warning to businesses and governments to have redundancies ready, noting the consequences could have been more dire if Australia's adversaries launched an attack of a similar scale.

"What it certainly shows us is that our challenges in this space, enemies and challenges more broadly, they are hard and we've got to be continually at our best," Mr Taylor said.

"Government and businesses have got to get smarter and better at being able to deal with these situations, that might mean having redundancy, that might mean ensuring you have got alternatives, it certainly might mean not having one organisation or one company with too much market share."

Home Affairs Minister Clare O'Neil said yesterday that while the tech outage was caused by a mistake, bad actors had been seeking to capitalise on the failure.

CrowdStrike CEO warns of 'bad actors'

Government cybersecurity agencies across the globe and CrowdStrike CEO George Kurtz are warning businesses and individuals about new phishing schemes that involve malicious actors posing as CrowdStrike employees or other tech specialists offering to assist those recovering from the outage.

'Teething issues' following CrowdStrike outage could take 'one or two weeks' to resolve, Clare O'Neil says (3)

"We know that adversaries and bad actors will try to exploit events like this," Mr Kurtz said in a statement.

"I encourage everyone to remain vigilant and ensure that you're engaging with official CrowdStrike representatives."

The UK Cyber Security Centre said it had noticed an increase in phishing attempts around this event.

Microsoft deploys 'engineers and experts' to help customers

Microsoft cybersecurity executive David Weston said "hundreds of Microsoft engineers and experts" were working directly with customers to resolve the issues.

In a blog post, he also said such a significant disturbance was rare but "demonstrates the interconnected nature of our broad ecosystem".

"As we've seen over the last two days, we learn, recover and move forward most effectively when we collaborate and work together," he said.

Mr Weston, vice-president at the firm, said the outage affected less than 1 per cent of all Windows machines worldwide, but "the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services".

'Teething issues' following CrowdStrike outage could take 'one or two weeks' to resolve, Clare O'Neil says (4)

CrowdStrike has helped develop a solution that will help Microsoft's Azure infrastructure accelerate a fix, Microsoft said, adding that it was working with Amazon Web Services and Google Cloud Platform, sharing information about the effects Microsoft was seeing across the industry.

The air travel industry was recovering on Saturday from the outage that caused thousands of flights to be cancelled, leaving passengers stranded or grappling with hours of delays as airports and airlines were caught up in the IT outage.

Security experts said a routine update of CrowdStrike's widely used cybersecurity software apparently did not undergo adequate quality checks before it was deployed.

The latest version of its Falcon sensor software was meant to make CrowdStrike clients' systems more secure against hacking by updating the threats it defends against.

"What it looks like is, potentially, the vetting or the sandboxing they do when they look at code, maybe somehow this file was not included in that or slipped through," said Steve Cobb, chief security officer at Security Scorecard, which also had some systems impacted by the issue.

CrowdStrike released information to fix affected systems, but experts said getting them back online would take time as it required manually weeding out the flawed code.

ABC/wires

Posted, updated

'Teething issues' following CrowdStrike outage could take 'one or two weeks' to resolve, Clare O'Neil says (2024)

FAQs

'Teething issues' following CrowdStrike outage could take 'one or two weeks' to resolve, Clare O'Neil says? ›

However, it will take time until all affected sectors are completely back online,” she said. “In some cases we may see teething issues for one or two weeks. There is no impact to critical infrastructure or government services.”

How long is the CrowdStrike outage? ›

By Saturday, several services were back online, but George Kurtz, the CEO of US cybersecurity company CrowdStrike – whose botched software update on its Falcon Sensor hit Microsoft's Windows operating system – cautioned that a total recovery could take weeks.

What is the CrowdStrike issue? ›

Bottom line: An issue with the software that checks CrowdStrike updates are working properly meant that the firm missed a problem with a content file. The update was pushed out to Windows systems, causing them to crash.

Has the CrowdStrike been fixed? ›

CrowdStrike has issued its fix. But according to those in the know, it will have to be applied separately to each and every device affected. Computers will require a manual reboot in safe mode - causing a massive headache for IT departments everywhere.

What does CrowdStrike do? ›

CrowdStrike delivers security content configuration updates to our sensors in two ways: Sensor Content that is shipped with our sensor directly, and Rapid Response Content that is designed to respond to the changing threat landscape at operational speed.

What is the root cause of the CrowdStrike outage? ›

CrowdStrike said Saturday a bad “sensor configuration update” in its Falcon cybersecurity platform was to blame for a massive global computer outage. The disastrous patch knocked approximately 8.5 million Windows devices offline paralyzing airlines, hospitals and financial institutions globally.

Why is CrowdStrike down so much? ›

CrowdStrike's stock falls further as it draws downgrades in wake of incident. CrowdStrike Holdings Inc. shares were extending their declines Monday as the effects of the company's faulty software update continued to disrupt global technology and as at least two analysts downgraded the cybersecurity stock.

Does the US government use CrowdStrike? ›

Crowdstrike is in wide use across federal agencies and it is a key vendor on the governmentwide Continuous Diagnostics and Mitigation cybersecurity support services contract.

What caused the CrowdStrike crash? ›

The cybersecurity company blamed a bug in a program that's meant to catch issues before software updates are uploaded to customers. That glitch blocked "problematic content data" from being flagged before it was sent to clients, CrowdStrike said in an update on its website.

Is CrowdStrike a virus? ›

CrowdStrike is a web/cloud based anti-virus which uses very little storage space on your machine. CrowdStrike installs a lightweight sensor on your machine that is less than 5MB and is completely invisible to the end user.

Is CrowdStrike owned by Microsoft? ›

Microsoft and CrowdStrike are separately owned, but their software is closely integrated.

How long will IT take to fix CrowdStrike? ›

Tech experts are of the opinion that the Microsoft CrowdStrike issue that has disrupted Microsoft service, networks, systems and applications around the world, may take weeks to fix fully.

What was the cause of the IT outage? ›

The global outage stems from an update CrowdStrike made to its marquee cybersecurity platform, a cloud-based software product called Falcon.

How do I get rid of CrowdStrike? ›

Uninstall from Control Panel
  1. Open the Windows Control Panel.
  2. Click Uninstall a Program.
  3. Choose CrowdStrike Windows Sensor and uninstall it.

Does CrowdStrike make money? ›

To boot, CrowdStrike Holdings, Inc. (NASDAQ:CRWD)'s compounded annual growth rate (CAGR) for its revenue has been 70% since 2017, allowing it to grow its revenue from a mere $50 million to $3 billion. Overall CRWD ranks 4th on our list of the stocks that will skyrocket.

Who does CrowdStrike protect? ›

CrowdStrike protects the people, processes and technologies that drive modern enterprise.

Is the Microsoft CrowdStrike issue resolved? ›

CrowdStrike's CEO apologized for the disruption and assured that they had identified and fixed the issue, focusing on restoring customer systems. Microsoft deployed experts to work with affected customers and collaborated with other cloud providers to mitigate the impact.

Are computers still down from CrowdStrike? ›

The company has said a "significant number" of the approximately 8.5 million computers that crashed on Friday are back in operation as customers and regulators await a more detailed explanation of what went wrong.

How long does it take to hear back from CrowdStrike? ›

The majority of employees think that CrowdStrike interview questions are average and rate their experience an A or 80/100. The average employee completed 3 rounds of the interview process and received a response within within a week.

What is the average response time for CrowdStrike? ›

CrowdStrike encourages organizations to strive to meet the 1-10-60 rule: where security teams demonstrate the ability to detect threats within the first minute of an intrusion, investigate and understand the threat within 10 minutes, and contain and eradicate the threat within 60 minutes.

Top Articles
Latest Posts
Recommended Articles
Article information

Author: Mr. See Jast

Last Updated:

Views: 5335

Rating: 4.4 / 5 (55 voted)

Reviews: 86% of readers found this page helpful

Author information

Name: Mr. See Jast

Birthday: 1999-07-30

Address: 8409 Megan Mountain, New Mathew, MT 44997-8193

Phone: +5023589614038

Job: Chief Executive

Hobby: Leather crafting, Flag Football, Candle making, Flying, Poi, Gunsmithing, Swimming

Introduction: My name is Mr. See Jast, I am a open, jolly, gorgeous, courageous, inexpensive, friendly, homely person who loves writing and wants to share my knowledge and understanding with you.