Andrew Charlton (Parramatta, Australian Labor Party) Share this | Link to this | Hansard source

My question is to the Minister for Cyber Security. What was the government's role in the response to the CrowdStrike outage?

Mr Tony Burke (Watson, Australian Labor Party, Leader of the House) Share this | Link to this | Hansard source

I thank the member for Parramatta for the question and acknowledge the work that he is now doing in assisting me in the cyber area. The outage that took place on Friday 19 July, caused by an update published by CrowdStrike, has been described as the biggest IT outage of all time. It ricocheted all around the world, including in Australia. It was not a cyberattack, but all the systems that had been put in place by my predecessor, the member for Hotham, were able to be tested and showed that Australia is far better prepared for cyberattacks than comparable nations. In establishing the National Cyber Security Coordinator, we established that this would be used for the National Coordination Mechanism.

CrowdStrike brought down systems across the whole country and around the world. It left travellers stranded at airports. It posed issues for supermarket supply chains. It disrupted countless businesses. Every single one of us had people in our electorates unable to get money and purchase goods because of how this had interfered with Australian systems. Within three hours of the CrowdStrike update being published, the government had convened the National Coordination Mechanism.

Members will be familiar with the mechanism but not historically with its involvement with cyber. Anyone who's held the emergency service portfolio is aware of the way the National Coordination Mechanism brings in who is relevant to each crisis when it happens, gets them all together and starts working it through, together, through the leadership of the government. It's what we use, since the change of government, for natural disasters, cyber incidents and threats to critical infrastructure.

As I said, the first meeting was convened within three hours of the update going out. It was chaired by the deputy secretary of the Department of Home Affairs, Cyber and Security Group. It included representatives from the company CrowdStrike itself, a wide range of Australian state and territory government representatives and key industry representatives. Seven meetings like this continued over the following days. The process was led by staff from my department, including the National Cyber Security Coordinator, a position that did not exist before the change of government, led by Lieutenant General Michelle McGuinness. It found ways to deal with the long tail of consequences that stem from an outage of that scale.

All of this was possible only because we changed the government. If those opposite had still been in, there'd be no cabinet minister to deal with threats, there'd be no dedicated office within my department, and the National Coordination Mechanism would not be available for cyber. (Time expired)