• Crowdstrike crash fallout to last ‘days’

CrowdStrike, which describes itself as a “global cybersecurity leader”, is linked to two contracts worth a combined $2.5m between SA Water and SA Police.

The economic impact of the crash, caused by a corrupted Microsoft Windows update that CrowdStrike pushed to the computers used by its customers, is yet to be calculated and is expected to last days, but the South Australian Business Chamber warned it had been significant.

“Because the outage was not uniform across sectors or businesses, putting a cost to it is not straightforward,” chief executive Andrew Kay said.

“However, given it took hold on a Friday afternoon during school holidays, many businesses would have been set to enjoy peak trading into the evening and in preparation for the weekend.

“If their staff worked through the outage, the business still incurred wage costs and in the case of retailers, lost revenue during that period.

“Trading conditions are tough enough as it is without that impost.”

The outage cost NSW more than $200m and billions worldwide.

CrowdStrike shares tumbled more than 11 per cent to $US304.96 in overnight trade in the US after the mass shutdown.

Microsoft shares were down 0.7 per cent.

Acting Premier Susan Close said the government would follow its “standard review procedure for IT outages of this nature” in the wake of the crash that brought the world to its knees.

However, it is understood the review will not consider whether to cut ties with CrowdStrike.

Ms Close said there were “no adverse impact” on the state’s critical services.

“As with most sectors, there were some minor impacts on government IT systems, but these have been largely resolved,” she said.

“SA Health experienced only minor disruptions to some IT systems but there was no interruption to the triple-0 service and no adverse outcomes for patients.

“The Chief Information Officer has ensured all government departments have access to CrowdStrike’s fix to remedy the problem.

“The State Government continues to actively monitor the situation and has participated in multiple meetings of the Commonwealth’s National Coordination Mechanism since this issue emerged on Friday afternoon.”

The Advertiser understands that review will not specifically look at the CrowdStrike contracts with SA Police and SA Water.

The SA Water contract, worth $1.065m, was signed in September 2022 and is due to expire in September next year.

SA Police tender reveals the $1.5m contract is for antivirus software, while the SA Water contract, valued at $1.05m, is for the CrowdStrike Falcon Platform.

According to the company’s website, the CrowdStrike Falcon Platform is “purpose-built to stop breaches via a unified set of cloud-delivered technologies that prevent all types of attacks – including malware and much more”.

It responds to “today’s sophisticated attackers” with a “tiny, single, lightweight sensor” that is cloud-managed and delivered.

The SA Police contract for CrowdStrike’s Next Generation Anti-Virus Software (Endpoint Protection) was signed in June 2021, and is set to expire in June next year.

It is valued at more than $1.545m.

“Next-gen AV uses cutting-edge AI, advanced behavioural analysis with indicators of attack (IOAs), high-performance memory scanning, and exploit mitigation to detect advanced and unknown threats, including fileless attacks,” the CrowdStrike website states.

Cybersecurity expert Troy Hunt said, “This is effectively the Y2K bug we were warned about two and a half decades ago.”

He said a post mortem as to how the update came to crash the system would reveal how to avoid a repeat of the problem and whether it was human error or a problem with an automated system.

CrowdStrike released a lengthy apology statement explaining the situation was not a cyberattack and was caused by “a defect” in an update for Windows users.

The outage forced the cancellation of some scheduled elective surgeries at private hospitals including Calvary Adelaide, grounded flights around the world leaving travellers stranded, and wiped out EFTPOS terminals at supermarkets and shopping centres.

A woman told The Advertiser her husband was prepped for robotic cancer surgery on Friday afternoon when it was cancelled at the last minute.

“They were concerned that the robot would malfunction,” she said.

“He has grade five prostate cancer and we’ve been waiting for a surgery date for a while, so it’s been an emotional upheaval for us.”

The woman, who wished to remain anonymous for privacy reasons, said her husband was now back on the wait list.

“On one hand it’s annoying, frustrating and disappointing that we now go back on the waitlist for the surgery, yet we can’t help but be thankful that they hadn’t started the surgery because if the robot stopped working mid-operation, things could have been far more serious,” she said.

“It’s not the hospital’s fault because what are the chances of something like this happening?”

The man’s surgery was one of a “handful” to be cancelled in what a spokeswoman said was an “abundance of caution”.

She said the hospital was working with patients and doctors to reschedule the procedures in the coming days.

Department for Health and Wellbeing chief executive Dr Robyn Lawrence said SA Health experienced minor disruptions to some IT systems.

“There was no interruption to triple-0 (000) and no adverse outcomes for patients,” Dr Lawrence said.

“We are continuing to monitor this situation and encourage staff to directly report any issues to their manager.”

Mr Kay said the outage should serve as a wake-up call to small business owners.

“While this outage may not be cyber related, it is a timely reminder for all business owners to have policies and procedures in place that are ready to enact should their business go offline,” he said.

“We work in an environment where we are highly dependent on technology, and a world where these interruptions are unlikely to be an isolated incident.”

More Coverage

Knock-on effects continue in SA after global IT outage

Dasha Havrilenko and Tara Miko

‘Unprecedented’ Crowdstrike crash fallout to last ‘days’

David Mills and Merryn Johns