Is My Data Safe? - Lessons to Learn from the CrowdStrike Outage
August 16, 2024

A Major IT Outage: What Happened?


On July 19, 2024, a significant IT outage disrupted services worldwide. Banks, healthcare facilities, emergency services, and payment systems faced interruptions, causing widespread business closures and even flight cancellations. This global incident left many travelers stranded and businesses scrambling to restore operations. 


What is CrowdStrike? 


CrowdStrike is a leading American cybersecurity company specialising in software to monitor and detect cyber threats. Their flagship product, Falcon EDR (Endpoint Detection and Response), acts like a powerful antivirus tool. It detects and mitigates security threats, alerting of potential hackers. 

 

During a recent update, it caused many computers to crash, resulting in the infamous Blue Screen of Death (BSOD) on Windows systems. Given that Microsoft systems constitute about 70% of desktop operating systems worldwide, the effects of this outage were extensive, impacting millions globally. *


Is My Computer Safe? 


The good news is that CrowdStrike's products are primarily used by organisations, not individual home users. If you are using regular antivirus and anti-malware programs, you would not have been affected by this outage. However, it raises an important question: what can I do to prepare for future outages? 

Lessons Learned for Businesses 


1. Review Redundancy and Single Point Failures 


  • Relying on a Single Source: If your organisation depends heavily on one cybersecurity provider, it can be risky when things go wrong. 
  • Diversify Your Vendors: By using multiple service providers, you reduce the impact of any one service experiencing issues. 
  • Redundant Security Measures: Always have backup security solutions ready to deploy during outages. 

 

2. Enhance Incident Response 

 

  • Effective Plans: A well-prepared incident response plan can greatly reduce the impact of outages. When was the last time you tested yours? 
  • Scenario Planning: Ensure your incident response plans cover various disruption scenarios. 
  • Communication Plans: Clear communication is crucial during outages. What will your messaging be? 

 

3. Employee Training 

 

  • Build a Culture of Resilience: The Australian Cybersecurity Center (ACSC) reported that during the outage, malicious websites and unofficial code attempted to exploit the situation; training staff to recognise these risks is essential.** 
  • Handle Disruptions: Well-trained employees can better manage disruptions and outages. 
  • Regular Drills: Conduct regular training sessions and simulated drills to ensure your team is prepared to handle real incidents efficiently. This includes recognising phishing attempts and social engineering attacks that often follow major disruptions. 

 

4. Organisational Resilience 

 

  • The recent CrowdStrike outage was not caused by a cyber-attack, but it serves as a valuable learning opportunity. You can use this experience to strengthen your business culture of resilience and improve your preparedness for future incidents. The ability to maintain and quickly recover normal operations during a disaster is crucial. 

Lessons Learned for Individuals 


As a reminder to remain vigilant, and as noted by the ACSC, unofficial websites and sources of help were released to take advantage of the CrowdStrike incident**, here are some essential tips to keep in mind: 

 

1. Exercise Caution with Unsolicited Communications: 


Be extra cautious if your primary security tool is down. Always be skeptical of unsolicited messages that ask for personal information or urge you to act quickly. Avoid clicking on suspicious links and directly verify any requests for personal information or payments. 

 

2. Have a recovery plan and backup your data:

 

Ensure your important files are backed up so that you are not reliant on a single source. In the event an outage occurs prepare a recovery plan. 

 

3. Verify the Source: 


During worldly events, if you receive a suspicious call or message, verify the caller’s identity. Be aware of tools like voice cloning and number spoofing that make calls appear legitimate. If in doubt, hang up and contact the entity directly. 

 

4. Secure Your Information:


Use strong, unique passwords for all your accounts and consider a password manager. Enable multi-factor authentication to increase security. 

 

5. Monitor and report Suspicious Activity: 


Regularly check bank and other sensitive accounts for unauthorised transactions and alerts. Report suspicious activity to relevant organisations immediately. If you suspect a cyber-attack, report it to https://www.cyber.gov.au/ 

We’re Here to Help 


Cyber-attacks and scams will always be prevalent in the online world, but by working together and being prepared, we can help detect and prevent suspicious activity. If you think you’ve been a victim of a scam or are worried about the security of your accounts, email us at csg@melbcdf.org.au or phone 1800 134 135. 



Reference 

* https://news.sky.com/story/microsoft-has-serious-questions-to-answer-after-what-could-be-the-biggest-it-outage-in-history-13180962 

** https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/widespread-outages-relating-crowdstrike-software-update 

Share this article:

Related articles

Building Faith and Community: How a Tech-Savvy Teen Saint Inspired a New School

September 1, 2025
It's lunchtime at Carlo Acutis Catholic Primary School in Wollert , part of Melbourne's northern growth corridor, and the sound of spirited play fills the air as children explore the grounds of their brand-new school. The red and blue of their uniforms, still fresh in the school’s foundation year, is a deliberate tribute to their patron's favorite colours. Named after Italian teenager Carlo Acutis, who used his coding skills to document and celebrate Eucharistic Miracles before dying from leukemia in 2006 at just fifteen years old, the school embodies the spirit of a remarkable young man who will soon become the first of the 'influencer' generation to be canonised as a Saint on the 7th September 2025. "He lived a life of faith, of service, of generosity and courage, and these are the values that we take for the life of this school," says Foundation Principal Damian Howard, who traveled to Assisi in Italy where Carlo is buried and had the honor of meeting Carlo's mother to learn more about her son's qualities and discuss plans for the school. The primary school opened in February this year and was built with the assistance of a $10.3 million loan from CDF, creating a focus point for a new Catholic community.

CDF Announcement: Chief Executive Officer Transition

August 1, 2025
Announcement: 1 August 2025

A New School Program Helps Bridge Generation Gap

July 28, 2025
A new program called Generations of Value has been introduced in Catholic primary schools across Australia at the start of Term 3, 2025. The program aims to help children appreciate the unique contributions of people at all stages of life, showing them how society is stronger and more vibrant with generations working together. The program was developed by Mercy Health Foundation , Australian Catholic University (ACU) , Meaningful Ageing Australia and Catholic Health Australia , and sponsored by Catholic Development Fund (CDF). One of the main instigators, the foundation’s partnerships manager, Mark Trayli ng, says the thinking behind the program stemmed from a comment by his grandfather, a naval man, that when people lose their last parent, they become a ship without a rudder. ‘I appreciated the sentiment because it underscored how much we rely on previous generations for guidance ,’ Mr Trayling says. ‘ But upon reflection, I’d modify that image: while growing up, it’s helpful to have two hands on the tiller and someone pointing to the North Star—so that later in life, we’ll know how to steer on our own. Generations of Value is a reflection of this sentiment .’ Older people now are healthier, more educated and more involved than they ever have been.
More

CDPF Limited, a company established by the Australian Catholic Bishops Conference, has indemnified the Catholic Development Fund ABN 15 274 943 760 (the Fund) against any liability arising out of a claim by investors in the Fund. In practice, this means your investment is backed by the assets of the Catholic Archdiocese of Melbourne. The Fund is required by law to make the following disclosure. Investment in the Fund is only intended to attract investors whose primary purpose for making their investment is to support the charitable purposes of the Fund. Investors’ funds will be used to generate a return to the Fund that will be applied to further the charitable works of the Archdiocese of Melbourne and the Dioceses of Sale and Bunbury. The Fund is not prudentially supervised by the Australian Prudential Regulation Authority nor has it been examined or approved by the Australian Securities and Investments Commission (ASIC). An investor in the Fund will not receive the benefit of the financial claims scheme or the depositor protection provisions in the Banking Act 1959 (Cth). The investments that the Fund offers are not subject to the usual protections for investors under the Corporations Act (Cth) or regulation by ASIC. Investors may be unable to get some or all of their money back when the investor expects or at all and investments in the Fund are not comparable to investments with banks, finance companies or fund managers. The Fund’s identification statement may be viewed here or by contacting the Fund. The Fund does not hold an Australian Financial Services Licence.