Massive global IT outage hits banks, airports, supermarkets – and a single software update is likely to blame

The Microsoft Windows ‘blue screen of death’ happens when the operating system cannot load correctly. Microsoft

The big four banks, Telstra and major media organisations including the ABC and Foxtel have had services go offline. Customers are not able to use EFTPOS to pay for goods and services in many businesses.

Telstra has reported^[4] that the Triple Zero Emergency Call service is still operating as normal.

How bad is it?

DownDetector^[5] currently shows that a large swathe of Australian businesses are experiencing some form of outage brought on by the software failure.

DownDetector is an online outage reporting tool provided by the global network intelligence and service provider Ookla^[6].

A number of large Australian websites have reported IT outages. This list shows the increase in reports. DownDetector.com.au^[7]

The number of businesses that have ceased operation is staggering.

Major airlines, banks, shops, and many other businesses have been forced to suspend trading or providing services.

Thousands of people will now be stranded at airports around the nation on a Friday evening, and bus and train services will potentially be affected.

What exactly went wrong?

The problem appears to have been caused by a software update gone wrong. A newly released version of CrowdStrike’s cybersecurity software reportedly^[8] caused Windows computers to crash and display a “blue screen of death” – a standard error screen that happens when the operating system cannot load correctly.

Australia’s National Cyber Security Coordinator, Michelle McGuinness, said in a post on X (formerly Twitter) that “There is no information to suggest it is a cyber security incident.”

What is being done?

In a post to a Slack channel of computer administrators, a CrowdStrike representative said “the bleeding has been stopped”, indicating that computers that have not already been affected are unlikely to be hit in future.

Notifications from CrowdStrike are being sent out to customers or posted to support pages that can only be accessed with a login.

A screenshot from the CrowdStrike website showing an alert to customers about crashes related to the company’s Falcon cybersecurity software. CrowdStrike

However, the process of fixing affected computers might be very time-consuming. CrowdStrike advised customers that an affected machine needs to be booted into “safe mode”, and then a specific file will need to be deleted^[9].

This process is likely to need to be done manually, so there is no easy fix that can be applied to many machines at once.

Government action

More information on the CrowdStrike software outage should soon be available from the Australian Cyber Security Centre^[10].

The National Emergency Mechanism group will meet shortly^[11], co-chaired by the National Emergency Management Agency.

Do I need to worry about my Windows computer?

Home computers should not be affected by what’s happening.

CrowdStrike typically provides its Falcon security platform^[12] to large businesses and enterprise customers.

Read more https://theconversation.com/massive-global-it-outage-hits-banks-airports-supermarkets-and-a-single-software-update-is-likely-to-blame-235107