There will be more outages like Optus’ as tech runs the world

2 hours ago 2

Opinion

September 22, 2025 — 11.59am

Technology is now a pervasive part of our everyday lives. We take for granted that it will work, even if we don’t quite understand how it works. And we expect it to work perfectly – until it doesn’t.

Usually, a failure of technology is annoying and frustrating. But occasionally – thankfully rarely – it’s a matter of life or death.

Last week, people died while trying to call Triple Zero for help, with their calls unanswered because their carrier’s network was down after Optus botched what was supposed to be a routine firewall upgrade of its network. What Optus has described as a “technical failure” meant that callers to emergency services in South Australia, the Northern Territory and Western Australia were unable to get through.

Pressure is mounting on Optus CEO Stephen Rue after the disastrous outage.

There seem to be several layers of mistakes that led to the prolonged outage.

Those implementing the firewall upgrade apparently hadn’t followed protocols. When customers tried to alert the company that there was a problem, offshore-based call centre staff didn’t escalate the issue to their supervisors. Instead, they tried to troubleshoot the problem, which meant they didn’t generate the red flags in Optus’ systems that would have alerted more senior staff to an outage.

These are human errors layered over what seems to have been a software glitch in the upgrade; errors that vastly magnified the consequences of the faulty upgrade.

The government and community may be asking more of major companies than they, or the available technology, can deliver.

Network outages aren’t uncommon in companies such as telcos or banks, which are essentially massive – and massively complex – technology platforms being asked to cope with vast amounts of data and data volumes that are increasing at exponential rates.

This is Optus’ second outage in its Triple Zero network in two years. Telstra’s Triple Zero network went down only last year. Last week, a routine update of the Commonwealth Bank’s systems left customers unable to access their accounts for hours. The other big banks have had similar experiences.

The complexity of modern IT systems used by big companies and their vulnerability to human errors, whether in data entry, underlying coding, or the execution of an upgrade, means they will never be 100 per cent reliable.

The challenge for those responsible for them is to minimise the number of “events” and the degree of damage or disruption they might cause, and to have the processes in place to respond as appropriately and quickly as possible when they do occur.

Optus, it would seem, doesn’t have foolproof processes in place. There were delays between when customers tried to alert the company that there was a problem, the time it took for the issue to be escalated to senior managers, the problems the company experienced in extracting records from its systems so that welfare checks could be made to the callers, and the time it took for Optus to notify the authorities and the public.

The moment its call centres started receiving calls saying there was an issue with the Triple Zero network, someone senior should have been notified. Optus’ chief executive Stephen Rue says that will now be the protocol. Better late than never, although that’s no consolation for the families of those who died while trying to contact emergency services.

There will be plenty of introspection on exactly how the outage occurred, with blame and criticism distributed, and no doubt, financial consequences for the company.

It should be noted, however, that the Triple Zero system has essentially been outsourced to private companies – the three major telcos – who are supposed to support it with investment, staff and processes. They may, or may not, adequately resource or focus sufficient attention on what is a not-for-profit service.

Whether it is banks and their anti-money laundering responsibilities, or telcos and their Triple Zero services, these companies are being asked to invest billions of dollars to provide community services. They are then fined heavily, suffer immense damage to corporate and personal reputations and position if their technology or processes fail.

Something similar could be said about the inability of some of our biggest companies’ technology to cope with their employees’ remuneration arrangements. “Wage theft” at the big company level relates more to the inability of IT systems to cope with the complexities generated by multiple awards, different shifts and individual pay arrangements than it does to deliberate underpayment.

The government and community may be asking more of major companies than they, or the available technology, can deliver. There’s an assumption, which we all know is wrong, that the technology will always work perfectly.

Given that no one can guarantee that these big platforms will never experience malfunctions (it is almost guaranteed that they will), the community service obligations attached to their licences to operate are poisoned chalices.

The consequences of failure, however, ought to motivate those involved to do everything possible to minimise the number and magnitude of the damaging events they experience. The regularity of these incidents within the sector should mean their executives have a pretty good handle on the vulnerabilities in their systems and processes.

In Optus’ case, a series of issues – it was also hit by a massive cyberattack in 2022 where nearly 10 million customers’ data was exposed – raises the question whether its Singaporean parent has invested sufficiently in the resilience of its Australian infrastructure and, given that Rue pointed to a failure of processes, whether the local management has responded adequately to the lessons it should have learned from its 2023 outage.

The fact that Telstra and Vodafone have also had major outages, however, indicates more investment and/or more robust processes aren’t necessarily the complete solution, although they would presumably help.

Last year, computers around the world that were running Microsoft’s Windows software crashed after an update rolled out by cybersecurity firm CrowdStrike Falcon. Globally, companies are increasingly reliant on a handful of providers for their cybersecurity and their data storage.

In the future, another layer of vulnerability and dependency will be added as artificial intelligence becomes more embedded in companies’ systems.

The Optus experience isn’t unique and probably won’t be the last outage or technology-related crisis within a big Australian organisation.

That won’t, however, be of any consolation to those affected by its failure and won’t appease those who want to hold the humans involved in its processes accountable. You can’t sack a technology platform.