A general view from Changi Airport as passengers gather and wait due to the global communications outage caused by CrowdStrike, which provides cyber security services to US technology company Microsoft, on July 19, 2024 in Singapore.
Zakaria Zainal | Anadolu | Getty Images
As the world continues to recover from massive business and travel disruptions caused by a flawed software update from the cybersecurity firm CrowdStrikemalicious actors try to exploit the situation for their own gain.
Government cybersecurity agencies around the world and even CrowdStrike CEO George Kurtz are warning businesses and individuals around the world about new phishing schemes involving malicious actors posing as CrowdStrike employees or other tech experts offering help to those recovering from withdrawal.
“We know that adversaries and bad actors will try to exploit events like this,” Kurtz said in a statement. “I urge everyone to remain vigilant and make sure you work with official CrowdStrike representatives.”
The UK Cyber Security Center said it has seen an increase in phishing attempts around this incident.
Microsoft said 8.5 million devices running its Windows operating system were affected by the flawed cybersecurity update on Friday that led to outages around the world. That’s less than 1 percent of all Windows-based machines, Microsoft’s chief cybersecurity officer, David Weston, said in a blog post on Saturday.
He also said that such a significant disorder is rare, but “proves it interconnected nature of our wider ecosystem.”
What about air travel?
By late morning on the US East Coast, airlines worldwide had canceled more than 1,500 flights, far fewer than the more than 5,100 cancellations on Friday, according to data from tracking service FlightAware.
Two-thirds of Saturday’s canceled flights were in the United States, where carriers scrambled to get planes and crews back in place after massive disruptions the previous day. According to travel data provider Cirium, US carriers canceled about 3.5% of their scheduled flights for Saturday. Only Australia was hit harder.
Canceled flights were about 1% in the UK, France and Brazil and about 2% in Canada, Italy and India among major air travel markets.
Robert Mann, a former airline executive now a consultant in the New York area, said it’s unclear why U.S. airlines suffered a disproportionate number of cancellations, but possible causes include a greater degree of technology outsourcing and greater exposure to Microsoft’s operating systems that received the faulty upgrade from CrowdStrike.
How are health systems holding up?
Health care systems affected by the outage faced closing clinics, canceling surgeries and appointments, and limited access to patient records.
Cedars-Sinai Medical Center in Los Angeles, California, said “steady progress has been made” in getting its servers back online and thanked its patients for their flexibility during the crisis.
“Our teams will be actively working throughout the weekend as we continue to resolve remaining issues in preparation for the start of the work week,” the hospital wrote in a statement. statement.
In Austria, a leading doctors’ organization said the shutdown exposed the vulnerability of reliance on digital systems. Harald Mayer, vice president of the Austrian Chamber of Physicians, said the outage shows that hospitals must have analog backups to protect patient care.
The organization also called on governments to impose high standards on the protection and security of patient data and on health providers to train staff and establish crisis management systems.
“Fortunately, where there were problems, they were kept small and short-lived and many areas of care were not affected” in Austria, Mayer said.
The Schleswig-Holstein University Hospital in northern Germany, which canceled all elective operations on Friday, said on Saturday that systems were gradually being restored and that elective surgery could continue until Monday.