The federal government has praised swift action and cooperation among all levels of government during the Microsoft crash, saying the impact of the outage was far less than initially feared.
The global outage, caused by an error in an update by cyber security software company CrowdStrike, is estimated to have disabled some 8.5 million computers around the world, according to Microsoft.
The outage occured just after 2 pm AEST on Friday, with CrowdStrike finding a fix about an hour and half later.
Prime Minister Anthony Albanese says governments across all levels acted swiftly and worked together cooperatively to minimise the disruption in Australia.
“We know that this has had an impact but the impact was far less than what was first thought it might be,” he told a media conference on Monday.
“That shows that agencies have put in place mechansisms … and I think that Australia can take a great deal of heart by the fact that this disruption could have been far worse than what it was.”
He said questions arising from the event, including the implications of being reliant on single overseas vendors, would be examined over the coming ‘weeks and months and years’.
Crisis response
Home affairs minister Clare O’Neil said the incident triggered the National Coordination Mechanism which enables the federal government to coordinate crisis responses around the country, bringing together critical infrastructure providers including airports, banks, health, transport, water and the media.
“One of the things I always observe in situations like this is that when the chips are down, governments around the country, businesses and other organisations put aside any differences that they might have and work really uniformly to try to protect Australian citizens and to continue to provide services to them, and that’s certainly what I’ve seen in the last period of time we’ve been dealing with this,” she told reporters over the weekend.
Ms O’Neil said the incident highlighted the vulnerabilities created by a digitally interconnected world.
Questions to be answered
She said when things settled CrowdStrike would need to come forward and account for what happened and how it responded, and to address any questions of compensation.
“The Australian Government, of course, will look at what’s occurred post this event,” she said.
“This is a really significant incident that’s occurred here, and there will be a long run of discussions about what we’ve learned and who is ultimately culpable.
“There is no question that there is going to be an extensive conversation from here about the cost to companies, to consumers, about CrowdStrike and how it has handled this matter.
“What I would say is I think there is a conversation here about what needs to be done when we have so many companies around the world who are reliant on one particular provider of technology.”
She also said while Crowdstrike fixed the issue within an hour, it took them about six hours to put out a public statement, which was too long.
She also praised the government response.
“I understand that there will be government services that have been disrupted since yesterday afternoon, but I would also say that we are good at making sure that the services that are most important, that deal with vulnerable people, that are around Emergency Services, are able to function even if we see issues like this.
“What I would say is that this has been a very serious incident for the Australian economy, and what I have seen is governments and businesses and other organisations pull together at speed to make sure that we’re doing everything we can to support our citizens.”
Impacts ‘manageable’
The NSW government said in a statement on Friday that the outage had affected a range of services including transport and Service NSW. Some emergency dispatch services were also impacted, with manual processes put in place.
However the impacts on government services were ‘manageable’, the statement from the premier’s department said.
On Monday, a spokesperson told Government News that NSW government services were operational.
“Some NSW government services were impacted following the CrowdStrike outage,” the spokesperson said.
“These agencies quickly enacted backup plans to minimise disruption to the community, while working to return to normal operations. Importantly, requests for emergency services remained fully operational throughout the incident.”
ALGA president Linda scott said on Friday that Australian local governments were not reporting any ‘widespread significant impacts’ as a result of the disruption, although there were patchy outages in many areas.
“We will continue to ensure the federal government, Clare O’Neil MP and local government peak bodies are briefed on any changes or disruptions,” she said.
CEO apologises
In a blog post on Monday CrowdStrike said it was actively assisting customers affected by outage, which was caused by a defect in a recent content update for Windows hosts.
“The issue has been identified and isolated, and a fix has been deployed,” it said.
“We assure our customers that CrowdStrike is operating normally and this issue does not affect our Falcon platform systems. If your systems are operating normally, there is no impact to their protection if the Falcon sensor is installed.”
In a statement on Friday CEO George Kurtz apologised for the outage and said CrowdStrike understood the gravity and impact of the situation.
Microsoft VP Enterprise and OS Security David Weston said in a blog post that while it wasn’t a Microsoft incident, the problem impacted the Microsoft ecosystem.
“This incident demonstrates the interconnected nature of our broad ecosystem — global cloud providers, software platforms, security vendors and other software vendors, and customers,” he said.
“As we’ve seen over the last two days, we learn, recover and move forward most effectively when we collaborate and work together. We appreciate the cooperation and collaboration of our entire sector, and we will continue to update with learnings and next steps.”
Comment below to have your say on this story.
If you have a news story or tip-off, get in touch at editorial@governmentnews.com.au.
Sign up to the Government News newsletter