Amid the ongoing recovery from significant business and travel disruptions caused by a faulty software update from cybersecurity firm CrowdStrike, malicious actors are exploiting the situation for their own benefit.
Government cybersecurity agencies worldwide and CrowdStrike CEO George Kurtz are cautioning businesses and individuals about new phishing schemes where malicious actors impersonate CrowdStrike employees or other tech experts offering assistance to those affected by the outage.
“We are aware that adversaries and bad actors will attempt to take advantage of events like this,” Kurtz stated. “I urge everyone to stay vigilant and ensure that you are interacting with official CrowdStrike representatives.”
The UK Cyber Security Center has observed an increase in phishing attempts related to this incident.
Microsoft reported that 8.5 million devices running its Windows operating system were impacted by the faulty cybersecurity update on Friday, resulting in global disruptions. This accounts for less than 1% of all Windows-based machines, according to Microsoft cybersecurity executive David Weston in a blog post on Saturday.
He also mentioned that while such a significant disruption is rare, it highlights the interconnected nature of the broad ecosystem.
What’s happening with air travel?
Due to their intricate schedules and technology systems, major airlines often struggle to maintain punctuality even under normal circumstances. Therefore, it was not surprising that the industry was severely affected by the outage, causing crews and planes to be out of position.
By Saturday afternoon on the U.S. East Coast, airlines globally had canceled over 2,000 flights, a decrease from the 5,100-plus cancellations on Friday, as reported by FlightAware. About 1,600 of the canceled flights were in the United States, with carriers working to restore operations following the massive disruptions the day before.
Canceled flights in the U.S. were around 3.5% of the scheduled flights for Saturday, with Australia being the most severely impacted. Cancellation rates were lower in the United Kingdom, France, Brazil, Canada, Italy, and India.
Robert Mann, a former airline executive, noted that it was unclear why U.S. airlines experienced a higher rate of cancellations, suggesting factors such as increased technology outsourcing and reliance on Microsoft systems affected by the faulty update.
Which airlines are getting hit the hardest?
Delta Air Lines had to cancel more than 800 flights, equating to a quarter of its Saturday schedule, not including Delta Connection regional flights. United Airlines followed with nearly 400 flight cancellations.
Hartsfield–Jackson Atlanta International Airport, dominated by Delta, continued to face challenges for the second consecutive day, with numerous stranded passengers overnight. European airlines gradually restored operations, although Lufthansa and affiliates canceled several flights.
London’s Heathrow Airport and Berlin’s main airport resumed normal operations, while the situation varied among other major air-travel markets.
How are healthcare systems holding up?
Healthcare facilities affected by the outage encountered clinic closures, canceled procedures, and restricted access to patient records.
Cedars-Sinai Medical Center in Los Angeles reported progress in restoring servers and expressed gratitude to patients for their understanding during the crisis. Efforts continued over the weekend to resolve remaining issues ahead of the new work week.
In Austria, the outage prompted calls for analog backups to safeguard patient care, emphasizing the need for high standards in data protection and security within the healthcare sector.
In Germany, the Schleswig-Holstein University Hospital aimed to resume elective surgeries by Monday as systems gradually returned to normal.
Will the tech industry face a reckoning?
Oxford University professor Ciaran Martin expressed surprise at the severe global disruption caused by a software update from a respected cybersecurity company like CrowdStrike, questioning the quality control process. He highlighted the challenges faced by governments due to technology dependence on American systems.
Analysts doubted that the outage would lead to new mandates on tech firms, with Gartner analyst Eric Grenier suggesting that affected businesses should use the provided fix from CrowdStrike and be wary of potential scammers seeking to exploit the situation.
What did scam artists learn from the outage?
Grenier anticipates that most affected machines will be fixed within a week, but warns of scammers targeting businesses affected by the outage. He advises against accepting help from unknown sources and emphasizes the importance of relying on legitimate solutions provided by CrowdStrike.
Isabella O’Malley in Philadelphia, Stephen Graham in Berlin, and technology writer Matt O’Brien contributed to this report.