
expert reaction to mass global IT outage

Scientists comment on the global IT outage. 

 

Prof Oli Buckley, Professor in Cyber Security, Loughborough University, said:

“CrowdStrike’s recent update issues highlight a critical gap: while experienced users can implement the workaround, expecting millions to do so is impractical.  The real challenge lies in deploying the workaround across all affected systems—a non-trivial task demanding coordinated efforts, so a proper patch can be put in place.”

 

Prof Jon Crowcroft FRS FREng, Marconi Professor of Communications Systems, University of Cambridge, said:

“The root cause and a partial solution was reported on The Register, see: https://www.theregister.com/2024/07/19/crowdstrike_falcon_sensor_bsod_incident/

“Technically, it isn’t actually a software problem but a config file error.

“While it is true that we have a lot of dependence on too small a number of software or service components and we need more diversity, it’s worth noting that three sites I use that are Microsoft cloud based are all completely ok, so CrowdStrike isn’t as widely used/pervasive as some of the hyperbole suggests.

“There are other possibly larger cloud/internet cybersecurity defenses – e.g. Cloudflare; if this had happened with that it would likely have been a lot more serious.”

 

Ian Golding, Digital expert at the Institution of Engineering and Technology, said:

“It’s too early to know precisely what has happened although an update to critical cyber security elements in the ecosystem of various providers and systems appears to have malfunctioned, causing mass failure of the computers relied upon for delivering services across these organisations.

“Despite organisations using well known and carefully chosen global IT providers, they all must work seamlessly together.  This interoperability is usually extremely well managed and tested with great skill and diligence, but it is complex, and as we see this can fail occasionally – today the failure and impact appears to be widespread and affecting all sectors from transportation to healthcare.  Organisations will be looking at their IT architecture, their dependencies and assets and the associated key risks, including the risks that they expect their trusted providers to manage actively on their behalf.

“Whatever the weak links in the chain that are discovered from today’s outage, the organisations affected will become better prepared with their Plan B for a scenario like this in the future – understanding risks and putting in place resilience and recovery plans are key for these operational platforms affecting so many people today.”

 

Prof Harin Sellahewa, Dean of Faculty of Computing, Law and Psychology, University of Buckingham, said:

“Today’s global outage of IT systems in several sectors highlights the complexity of current IT systems and infrastructure, and the need for increased resilience to minimise risks of failure due to cyberattacks, hardware failures or human error.”

 

Prof James Davenport, Hebron and Medlock Professor of Information Technology, University of Bath, said:

“According to media reports (including a major tech newsletter https://www.theregister.com/2024/07/19/crowdstrike_falcon_sensor_bsod_incident/), the fault is in a third-party product called Falcon from a well-known Information security vendor called CrowdStrike.  Someone from CrowdStrike I believe has posted a partial work-around at https://x.com/brody_n77/status/1814185935476863321

“It appears that the problem isn’t a software update in the traditional sense, rather it is a new ‘channel file’ (roughly speaking, what your defence software should look for: a modern version of a virus signature) which is apparently corrupt and causing the Falcon crashes.  This has been apparently fixed, but of course it is still in the system, and will take time to flush through.

“My advice would be to NOT reboot/restart until the all-clear is given by a reputable source (ideally a joint CrowdStrike/Microsoft statement, but in practice we will probably get one or the other).  Do not accept “it’s gone away” statements.”

 

Dan Card, of BCS, The Chartered Institute for IT and a cyber security expert, said:

“People should remain calm whilst organisations respond to this global issue.  It’s affecting a very wide range of services from banks to stores to air travel.

“It looks like a bug to a regular security update, rather than any form of ‘mega cyber attack’, but this is still causing worldwide challenges and is likely to require a large number of people to take manual remedial steps.

“Companies should make sure their IT teams are well supported as it could be a difficult and highly stressful weekend for them as they help customers.  People often forget the people that are running around fixing things.”

 

Prof John McDermid OBE FREng, Director of the Centre for Assuring Autonomy; Lloyd’s Register Foundation Chair of Safety, Institute for Safe Autonomy, University of York, said:

“Security software is intended to protect computers from attack, e.g. by malware, and to provide this protection it has a lot of power to control the host PC.  Such software is pervasive – on many if not all machines of a particular type – so a fault in the security software can bring down many computers at once.  This appears to be what is behind the widespread outage of Windows-10 based PCs around the world, with knock-on effects on air travel, banking, etc. (Specifically the problem seems to be in software known as the Falcon Sensor produced by CodeStrike.)  We need to be aware that such software can be a common cause of failure for multiple systems at the same time, and we need to design infrastructure to be resilient against such common cause problems, e.g. through use of diversity, that is not relying on a single make of computer system and/or software.”

 

Dr Harjinder Lallie, cyber security expert, University of Warwick, said:

“The worldwide IT outage experienced this morning is unprecedented in the range and scale of systems it has impacted.  Although we cannot speculate on the cause of this outage just yet, it appears that this might be a server error emanating from one server supplier.

“This IT ‘catastrophe’ highlights the need for greater resilience, a greater focus on backup systems, and possibly even a need to rethink whether we are using the most resilient operating systems for such critical systems.”

 

Comments from our friends at the Australian SMC:

 

Dr Sigi Goode is a Professor of Information Systems in the Research School of Management at the Australian National University


“This incident really highlights the privileged role of large technology companies in our national technology posture. What’s most important is that we learn from it. Adversaries of many kinds are watching our reaction, and learning how they can attack more efficiently in future.

Large-scale outages like this are rare, so this really is a great opportunity for adversaries to learn how we respond when things don’t go as planned. Response times, response language, and remediation strategies are all useful pieces of information to an attacker who wants to identify vulnerability and gaps.”


Sigi has declared he has no conflicts of interest. He is available over the weekend between 10am and 4pm

He is contactable on sigi.goode@anu.edu.au

 

Graeme Hughes is Director – Executive Education at Griffith Advantage, Griffith University

“A widespread IT outage struck Australia on July 19, 2024, impacting numerous sectors like banking, media, telecommunications, supermarkets, and airlines. The culprit appears to be a technical glitch with CrowdStrike’s Falcon sensor, a security software program commonly used on business computers. This malfunction caused crashes that disrupted critical systems.

Consumers faced inconveniences like difficulties with online banking, using EFTPOS at terminals, and accessing online accounts. Communication through customer service lines and business websites was also hampered. Airline check-ins and airport operations may have been slowed down as well.

While the outage is not yet resolved, it highlights our heavy reliance on technology for daily activities. With Australians making over 730 electronic transactions per year on average, our dependence on technology is more critical than ever. Thankfully, there are no reports suggesting this was a cyberattack. Both CrowdStrike and Microsoft are working to address the issue and prevent similar occurrences.”
 

Graeme has declared he has no conflicts of interest.

He is contactable on g.hughes@griffith.edu.au

 

Tom Worthington is an Honorary Lecturer in the School of Computing at The Australian National University


“The widespread outages show the risks in relying on a single technology for vital services. There need to be alternate communication links using different software. This does create an added security and maintenance burden, as multiple products need to be looked after and protected. But if you put all your eggs in one basket, you can end up with it on your face.”


Tom has declared he has no conflicts of interest. 

He is contactable on +61 419 496 150, tom.worthington@anu.edu.au

 

Dave Parry is Dean and Professor in the School of IT at Murdoch University
 

“What’s happened today is that an update to a thing called Falcon Sensor, which comes from a company called CrowdStrike and is a Windows-based tool to detect and respond to cybersecurity threats, seems to have caused a problem with Windows (it looks like Windows 10). That means that the machines that have had this update, effectively are doing a thing called the ‘blue screen of death’. This means their machines want to reboot, but then they can’t be rebooted, and so the machines basically become useless.

This has become a global phenomenon because CrowdStrike is a very large company, and a lot of companies and organisations use them to detect and protect against threats. The issue will affect very, very large numbers of machines around the world. It’s not a cyber attack, but it’s just an interaction of the two pieces of software.”


Dave has not declared any conflicts of interest.

He is contactable on +61 450 711 537 and David.Parry@murdoch.edu.au

 

Dr Shumi Akhtar is an Associate Professor at the University of Sydney


“Today’s technology outage—an unprecedented global crisis—sparked off in the USA, is now ominously rippling across the globe. This sudden, severe disruption halts everyday activities and starkly exposes the fragility of our heavily digitised world. From banking to healthcare, education to government, no sector remains untouched, highlighting an urgent need for a worldwide strategic overhaul of our critical infrastructures. This crisis calls for immediate collaborative action to enhance resilience through robust safeguards and fail-safes, especially in life-critical networks. As we increasingly pivot to a future dominated by digital and AI innovations, this outage is a resounding wake-up call: we must fortify our digital bastions to safeguard against such catastrophic interruptions, ensuring our readiness and security in an interconnected era. 

As a result of this outage, at least three critical sectors could be affected significantly.

In the medical industry, a technology outage can result in the loss of access to electronic medical records, critical patient data, and communication systems essential for patient care. This could delay surgeries, medication administration, and emergency responses, potentially endangering lives. 

In the banking sector, an outage can cripple financial transactions, including ATM withdrawals, online banking, and payment processing. This disruption can lead to significant financial losses for consumers and institutions, and undermine public trust in the financial system.

For the airline industry, technology outages can ground flights, disrupt ticketing and check-in processes, and affect air traffic control. This can lead to massive delays, financial losses, and compromise passenger safety and security. Each of these scenarios highlights the catastrophic potential of technology failures across critical industries.

Today’s event should serve as a crucial wake-up call.”


Shumi has declared she has no conflicts of interest. 

She is contactable on shumi.akhtar@sydney.edu.au.

Shumi has said her best availability over the weekend is Saturday/Sunday (4-5pm)

 

Professor Jill Slay is SmartSat Chair: Cybersecurity at University of South Australia (UniSA)


“There is currently a major global technical outage affecting multiple companies and services. Some are attributing this to security services offered by CrowdStrike. Others attribute it to Microsoft or Amazon. Authorities and industry will be monitoring, but at this stage it is too early to draw conclusions.

While the outage may easily be a result of misconfiguration by one of these companies, or ‘interference’ between products, the global impact is enormous. It is possible that there is a security breach, but to me, this is instinctively unlikely.”


Jill has declared she has no conflicts of interest.

She is contactable on +61 422 420 954 and jill.slay@unisa.edu.au

 

Toby Murray is an Associate Professor in the School of Computing and Information Systems at The University of Melbourne


“CrowdStrike Falcon has been linked to this widespread outage. CrowdStrike is a global cyber security and threat intelligence company. Falcon is what is known as an Endpoint Detection and Response (EDR) platform, which monitors the computers that it is installed on to detect intrusions (i.e., hacks) and respond to them. That means that Falcon is a pretty privileged piece of software in that it is able to influence how the computers it is installed on behave.

For example, if it detects that a computer is infected with malware that is causing the computer to communicate with an attacker, then Falcon could conceivably block that communication from occurring. If Falcon is suffering a malfunction then it could be causing a widespread outage for two reasons: 1 – Falcon is widely deployed on many computers, and 2 – Because of Falcon’s privileged nature. 

Falcon is a bit like anti-virus software: it is regularly updated with information about the latest online threats (so it can better detect them). We have certainly seen anti-virus updates in the past causing problems e.g. here. 

It is *possible* that today’s outage *may* have been caused by a buggy update to Falcon.”


Toby has not declared any conflicts of interest.

He is contactable on +61 425 726 687 and toby.murray@unimelb.edu.au

 

Dr Mark Gregory is an Associate Professor in the School of Engineering at RMIT University


“The near global outage appears to have been caused by a failure of systems associated with the CrowdStrike Falcon endpoint security monitoring software. CrowdStrike is a global multi-national software solutions provider.

In Australia, many businesses and organisations have found that their software systems have failed due to the software system outage. The reliance on centrally managed global software solutions can lead to significant security risks.

Australian governments have, for too long, acquiesced to companies that store Australian data overseas and manage critical systems from global headquarters out of Australian jurisdictions.”


Mark has declared he has no conflicts of interest.

He is contactable on +61 418 999 089 and mark.gregory@rmit.edu.au

 

 

 

Declared interests

Prof Oli Buckley: “None.”

Ian Golding: “None.”

Prof James Davenport: “No conflicts (other than a member of the British Computer Society’s Software Resilience Group).”

Dan Card: “None.”

Prof John McDermid: “I have no conflicts to declare.”

For all other experts, no reply to our request for DOIs was received.
