Subscribe to the free weekly IndyTech newsletter delivered straight to your inbox
Sign up for our free IndyTech newsletter
As the world is recovering from the massive business and travel disruptions caused by a flaw in a software update from cybersecurity company CrowdStrike, bad actors are seeking to exploit the situation for their own gain.
Government cybersecurity agencies around the world, as well as CrowdStrike CEO George Kurtz, have also issued warnings to businesses and individuals worldwide about a new phishing scam involving bad actors posing as CrowdStrike employees or other tech experts and offering to help with recovery from the outage.
“We know that adversaries and bad actors will attempt to exploit events like this,” Kurtz said in a statement. “We encourage everyone to remain vigilant and to get in touch with official CrowdStrike representatives.”
The UK Cyber Security Centre said it had seen an increase in phishing attacks linked to the incident.
Microsoft said 8.5 million devices running its Windows operating system were affected by the flawed cybersecurity update that caused chaos around the world on Friday — less than 1% of all Windows-based machines, Microsoft cybersecurity chief David Weston said in a blog post on Saturday.
He added that while such significant disruptions are rare, they “demonstrate the interconnectedness of our vast ecosystems”.
What is the state of air travel?
By late morning on the US East Coast, airlines around the world had cancelled more than 1,500 flights, far fewer than the more than 5,100 cancelled on Friday, according to figures from tracking service FlightAware.
Two-thirds of Saturday’s canceled flights were in the United States, where airlines were scrambling to get planes and crews back on track following the previous day’s massive disruptions. U.S. airlines canceled about 3.5% of scheduled flights on Saturday, according to travel data provider Cirium. Only Australia was hit harder.
Among major air travel markets, the UK, France and Brazil had around 1% of flights cancelled, while Canada, Italy and India had around 2%.
Robert Mann, a former airline executive and now a New York-area consultant, said it’s unclear exactly why U.S. airlines are suffering a disproportionate number of cancellations, but possible causes include greater outsourcing of technology and increased exposure to Microsoft’s operating system, which received a flawed upgrade from CrowdStrike.
How is the health system sustained?
Health systems affected by the outages saw their clinics close, surgeries and appointments canceled, and access to patient records restricted.
Cedars-Sinai Medical Center in Los Angeles, California, said it was making “steady progress” in getting its servers back online and thanked patients for their flexibility during the crisis.
“Our teams will continue to work proactively through the weekend to resolve any remaining issues in preparation for the start of the work week,” the hospital said in a statement.
In Austria, a leading doctors’ association said the outage exposed the fragility of reliance on digital systems. Harald Meyer, vice president of the Austrian Medical Association, said the outage showed the need for hospitals to have analog backups to safeguard patient care.
The organization also called on governments to impose high standards on the protection and security of patient data, and for health care providers to train staff and implement systems for risk management.
“We were fortunate that any problems in Austria were small, short-lived and many areas of healthcare were not affected,” Meyer said.
Schleswig-Holstein University Hospital in northern Germany canceled all elective surgeries on Friday but said on Saturday the system was gradually recovering and that elective procedures could resume by Monday.