A misconfigured Crowdstrike Falcon update pushed to Windows early Friday morning has caused millions of computers to display the infamous “blue screen of death,” while disrupting healthcare delivery at hospitals, health systems, and medical practices in the U.S., U.K., Israel, Germany, and other countries.
Clinical care providers work manually to provide patient care because they lack access to electronic patient records and other mission-critical IT systems.
CrowdStrike CEO George Kurtz said the massive outage was “not a security incident or cyberattack,” in a statement released Friday morning on social media platform X.
WHY IT MATTERS
The incident has affected countless people and multiple industries worldwide – not just healthcare institutions, but also airlines, banks and other financial institutions. Millions of Microsoft users are facing IT outages as consumers experience delays and disruptions.
For example the Epic EHR was not accessible at Massachusetts General Hospital in Boston on Friday morning, according to NBC Channel 10 News, with Mass General Brigham also reporting widespread disruptions and canceled appointments at its hospitals and medical centers.
Other IT systems in the Boston area, including the Beth Israel Deconess Medical Center website, were reportedly down for a time but have since come back online.
The Times of Israel reports that the outage has had consequences for business operations at more than a dozen hospitals now manually, while ambulances are diverted from affected medical centers to other locations.
Two hospitals of the University Clinic of Schleswig-Holstein in Germany have canceled elective surgeries According to Reuters, this is the result of the global IT outage.
Britain’s National Health Service told CNN the power outage disrupting most GP practices in Englandwho use paper patient records, but not emergency care.
One hospital system – Royal Surrey NHS Foundation Trust – has a critical incident due to the outage. The outage is affecting radiotherapy treatment and pharmacies are not receiving prescribing information from providers, Metro.co.uk reported.
According to the Cincinnati Children’s Hospital Medical Center, a number of systems have been affected.
“Our teams are working hard to minimize disruption to patient care and system operations, and we are bringing systems back online as quickly as possible,” the hospital said in its statement. website.
Non-surgical appointments before 10am were cancelled, while urgent care and emergency centres remained open. Patients with scheduled surgeries and imaging appointments were advised to expect delays.
According to SC Media UK, a Workaround has been published for the broken update for Crowdstrike’s Falcon sensor.
To fix machines stuck in a BSOD loop, Crowdstrike’s lead threat hunter Brody Nisbet advised users to do the following:
- Boot Windows into Safe Mode or WRE.
- Go to C:WindowsSystem32driversCrowdStrike
- Find and delete the file corresponding to “C-00000291*.sys”
- Normal boot.
THE BIGGER TREND
In an era where widespread and disruptive cyberattacks are becoming increasingly common, the fact that this global outage was not caused by an attack may be somewhat reassuring. It is also small comfort to the countless clinicians and patients who have been affected.
ON THE RECORD
“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” Kurtz said in a rack on X. “Mac and Linux hosts are not affected. The issue has been identified, isolated, and a fix has been implemented.
“We are directing customers to the support portal for the latest updates and will continue to provide full and continuous updates on our website,” he added. “We further encourage organizations to ensure they communicate with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the safety and stability of CrowdStrike customers.”
Andrea Fox is Editor-in-Chief of Healthcare IT News.
Email address: afox@himss.org
Healthcare IT News is a publication of HIMSS Media.
The HIMSS Healthcare Cybersecurity Forum is scheduled for October 31-November 1 in Washington, DC