- Analysis
- Technology
- Network outage
Global IT outage: What caused the CrowdStrike incident affecting banks, airlines and media outlets?
By David Swan
A software outage on Friday crippled the nation’s airlines, TV stations and supermarkets, leaving flights grounded and newsreaders scrambling to fill air time.
The outage appears global in nature, impacting millions of systems in Australia and across the globe, and seems related to US cybersecurity provider CrowdStrike, and its software called the Falcon Sensor.
What is CrowdStrike Falcon?
CrowdStrike is one of the world’s largest cybersecurity vendors, providing thousands of businesses across the world with software to defend against viruses and cyberattacks. The company is headquartered in Austin, Texas and has nearly 10,000 employees. CrowdStrike Falcon is the company’s software that sits in the background on many corporate systems, detecting any viruses and cyber threats.
A blue screen of death.
How did the outage happen?
The outage caused Microsoft laptops and PCs to show a “blue screen of death”, meaning workers and users were unable to access their systems. The outage seemed to begin at around 3pm on Friday (AEST), and affected users in the US before hitting Australia.
“We’re aware of a widespread issue causing BSOD errors on Windows machines across various sensor versions,” a CrowdStrike representative said in a forum post.
Why was Microsoft affected so much?
While Microsoft was not the source of the outage, CrowdStrike’s Falcon software is used primarily on Microsoft Windows systems, rather than Apple Macs, for example. Microsoft said in a statement on X that it was investigating the incident.
What has the federal government said?
The government said there is no evidence to suggest the mass outage is a hack or cybersecurity incident.
“I am aware of a large-scale technical outage affecting a number of companies and services across Australia this afternoon,” National Cyber Security Coordinator Michelle McGuinness said in a statement on X.
“Our current information is this outage relates to a technical issue with a third-party software platform employed by affected companies.
“There is no information to suggest it is a cybersecurity incident. We continue to engage across key stakeholders.”
How often has this happened before?
Outages are relatively common these days, with telcos, banks and supermarkets often suffering technical glitches that typically last a few hours.
Such an outage may have never been seen on this scale, however, highlighting how reliant our modern economy is on technology, and increasingly how interconnected it is.
Will my home computer be affected?
No, CrowdStrike’s Falcon software is used primarily on large business and enterprise systems, rather than home Windows PCs. Your computer shouldn’t be impacted by the issue.
Is there a fix?
CrowdStrike has issued advice about a temporary workaround.
Here’s what the tech company says you should do:
- Boot Windows into Safe Mode or the Windows Recovery Environment (you can do that by holding down the F8 key before the Windows logo flashes on screen)
- Navigate to the C:\Windows\System32\drivers\Crowdstrike directory
- Locate the file matching “C-00000291*.sys” file, right click and rename it to “C-00000291*.renamed”
- Boot the host normally.
The Market Recap newsletter is a wrap of the day’s trading. Get it each weekday afternoon.