As the world continues to recover from massive business and travel disruptions caused by a flawed software update from cybersecurity firm CrowdStrike, malicious actors are attempting to exploit the situation for their own gain.
Cybersecurity agencies around the world, and even CrowdStrike CEO George Kurtz, are warning companies and individuals around the world about new phishing attacks in which malicious actors pose as CrowdStrike employees or other technical specialists offering help in remediating the outage.
“We know that adversaries and malicious actors will attempt to exploit these types of events,” Kurtz said in a statement. “I encourage everyone to remain vigilant and ensure you contact official CrowdStrike representatives.”
The UK Cyber Security Centre reports that they have noticed an increase in phishing attempts surrounding this event.
Microsoft said 8.5 million devices running its Windows operating system were affected by Friday’s flawed cybersecurity update that led to global disruptions. That’s less than 1% of all Windows-based machines, Microsoft cybersecurity director David Weston said in a blog post Saturday.
He also said that such a significant disruption is rare, but “demonstrates that interconnected nature of our broad ecosystem.”
On the US East Coast, airlines worldwide had canceled more than 1,500 flights by late morning, down from more than 5,100 cancellations on Friday, according to figures from tracking service FlightAware.
Two-thirds of Saturday’s flight cancellations were in the United States, where airlines scrambled to get planes and crews back on track after massive disruptions the day before. U.S. airlines canceled about 3.5% of their scheduled flights for Saturday, according to travel data provider Cirium. Only Australia was hit harder.
Flight cancellations were about 1% in the UK, France and Brazil and about 2% in Canada, Italy and India, the main aviation markets.
Robert Mann, a former airline executive who now works as a consultant in the New York area, said it’s unclear why U.S. airlines are canceling flights disproportionately. Possible reasons include greater outsourcing of technology and greater exposure to Microsoft operating systems that received CrowdStrike’s flawed upgrade.
Healthcare facilities affected by the outage were faced with closed clinics, canceled surgeries and appointments, and limited access to patient records.
Cedars-Sinai Medical Center in Los Angeles, California, said “steady progress has been made” in getting its servers back online and thanked patients for their flexibility during the crisis.
“Our teams will continue to work actively throughout the weekend as we continue to troubleshoot remaining issues in preparation for the start of the work week,” the hospital wrote in a rack.
In Austria, a leading doctors’ organization said the outage exposed the vulnerability of relying on digital systems. Harald Mayer, vice president of the Austrian Chamber of Physicians, said the outage showed that hospitals need analog backups to protect patient care.
The organization also calls on governments to impose high standards for the protection and security of patient data, and on healthcare providers to train their staff and implement systems to manage crises.
“Fortunately, the problems that occurred remained minor and short-lived, and many areas of concern remained unaffected,” Mayer said in Austria.
The University Hospital of Schleswig-Holstein in northern Germany, which canceled all elective surgeries on Friday, reported Saturday that systems are gradually being restored and that elective surgery can resume from Monday.
___
Stephen Graham in Berlin and technology writer Matt O’Brien contributed to this report.