Criminals are trying to profit from the computer outage that affected businesses and services around the world on Friday.
Cybersecurity firm CrowdStrike said Friday that the outage was caused by a faulty update it rolled out to users running Microsoft Windows. It said the outage was not caused by a cyberattack.
In the wake of the outage, government cybersecurity agencies and even CrowdStrike’s CEO are warning businesses and the public about a new phishing operation by criminals who are allegedly trying to pose as employees of CrowdStrike or other tech companies offering to come and help them restore their systems.
“We know that bad actors will try to exploit events like this,” Kutz said. “I encourage everyone to remain vigilant and make sure they’re talking to real CrowdStrike representatives.”
The UK’s Cyber Security Centre says it has noticed an increase in phishing attempts since the outage.
Eric Grenier, an expert at Gartner, a consulting and research firm in the field of advanced technologies, expects that the majority of affected devices will be repaired within a week.
He also believes that evil beings might try to take advantage of the situation to their advantage.
“The threat is very real. Bad actors have the information to send spam or call specific targets. They know what protections companies use. They know if they’re using CrowdStrike.”
Microsoft said Saturday that 8.5 million Windows computing devices were affected by the flawed update that caused the global outage. That’s less than 1 percent of all Windows computing devices, Microsoft’s cybersecurity chief David Weston said.
He added that the disruption is a rare case “demonstrating the interconnected nature of our vast ecosystem.”
Flights
By late morning, airlines had canceled more than 1,500 flights around the world, a number far lower than the more than 5,100 cancellations the day before, according to data from FlightAware.
Two-thirds of Saturday’s cancellations were in the United States, as airlines tried to reassemble crews and relocate aircraft following Friday’s disruptions. U.S. airlines canceled 3.5% of scheduled flights on Saturday, according to Cirium data. Only Australian operations were more disrupted.
The cancellation rate was 1% in the UK, France and Brazil, one point lower than in Canada, Italy and India.
Robert Mann, a former airline executive and now a consultant, said there was no clear explanation for why U.S. airlines canceled a disproportionate number of flights, but he speculated that there was a greater reliance on outside technology and a greater reliance on Microsoft systems that received the flawed CrowdStrike update.
Health systems
The situation was gradually returning to normal in the various healthcare establishments affected by the outage.
For example, Cedars-Sinai Medical Center in Los Angeles, California, reported that steady progress was being made in getting IT services back up and running. It thanked patients for being flexible during the outage.
In Austria, a doctors’ association said the outage had demonstrated the vulnerability of a system that relies on IT. According to Harald Mayer, vice president of the Austrian Chamber of Physicians, the outage has made it clear that hospitals must also be able to rely on analogue systems in the event of a failure.
The organization urged governments to impose higher standards for protecting patient data and for healthcare providers and security companies to train their staff and put systems in place to manage a crisis.
The University Hospital of Schleswig-Holstein in northern Germany had to cancel all non-urgent operations on Friday, but everything was gradually returning to normal on Saturday. Non-urgent operations will be allowed to resume on Monday.
Awareness
Will the outage cause a wake-up call among tech companies?
“I wasn’t surprised that an outage caused significant disruption to the world. I was surprised that it was caused by a software update from a well-respected cybersecurity company,” said Ciaran Martin, a former head of the UK’s National Cyber Security Centre and now a professor at Oxford University.
CrowdStrike will have to answer some tough questions. How did this update pass quality control tests? The system failed it.
Ciaran Martin, professor at Oxford University
Prof Martin fears that European governments will remain powerless to prevent these failures because they are “dependent on the American side of the technology”.
Other experts doubt that the outage will prompt governments to propose new obligations to tech companies.
“I don’t know what these obligations might be. Do you have better security controls?” asks Mr. Grenier.