A global cybersecurity watchdog has sounded the alarm about malicious websites claiming to fix bugs. The world’s biggest IT outage It continued to cause chaos throughout the weekend.
In the aftermath, cyber defense agencies in the United States, Britain and Australia each issued warnings over the weekend about an increase in phishing campaigns exploiting the incident. I continued to feel Protect against unprecedented IT outages caused by faulty CrowdStrike software updates.
The airline and health care industries are also still suffering the consequences.
The Australian Cyber Security Centre, a government agency, said there were “numerous malicious websites and unofficial code available to the public claiming to help recover from the widespread outage caused by the CrowdStrike technical incident.”
The US Cybersecurity and Infrastructure Security Agency said hackers were attempting to “exploit” the outage to carry out malicious activity, including distributing ZIP archive files that appear to be targeting CrowdStrike users based in Latin America.
The UK’s National Cyber Security Centre said it has “already observed an increase in phishing attempts referencing this outage”. [ . . . ] It is aimed at both organisations and individuals.
Crowdstrike, Cyber Security Group Security experts from CrowdStrike, whose software patches allegedly caused problems for an estimated 8.5 million Microsoft PCs and servers, recommended Sunday that organizations “ensure they are in contact with CrowdStrike representatives through official channels.”
The Texas-based company said it had released a fix for the flaw and that a “significant number” of affected devices were back online and running.
But the industries hardest hit, from global travel to healthcare, are likely to feel the effects well into next week and possibly beyond.
The aviation industry around the world was largely back to normal on Sunday, but some airlines are still struggling to get operations back on track.
In the United States alone, there were about 1,200 cancellations and 3,800 delays on Sunday, down from about 3,400 cancellations and 13,000 delays on Friday, according to flight-tracking service FlightAware.
Delta Air Lines and United Airlines led the way in absolute numbers. “Reliability is improving,” a United Airlines spokesman said, adding that most of its technology systems had been restored.
Delta Air Lines said Saturday it “expects further cancellations,” adding that it was “continuing to restore operations” on Sunday. Low-cost carrier Spirit Airlines reported disruptions affecting its reservations and airport systems and continued to issue a travel advisory.
On the other side of the Atlantic, in Tui, Europe’s largest travel groupThe airline said flights remain grounded because its crewing systems are affected and its services are “significantly affected”.
The travel company apologised to customers on Sunday and said its flight programme “continues to be subject to unresolvable delays”.
The airline’s crewing system is now up and running but the disruption has had a knock-on effect on flight planning, with 32 flights from the UK cancelled on Friday and a further 11 on Sunday.
In India, low-cost airline IndiGo responded to customer complaints about the cancellation of Flight X on Sunday, citing “the cascading effects of a global travel system outage.”
More than 10,000 flights were canceled worldwide on Friday and Saturday, but that number fell to 2,000 on Sunday, or 1.85% of global flights, according to aviation data firm Cirium.
By comparison, 1.98% of flights were cancelled on the Thursday before the IT outage.
Other airlines including British Airways and easyJet, and airports such as London’s Heathrow and Gatwick, said bad weather in some areas was the main reason for the cancellations on Sunday and reported a return to normal.
Rail services are also struggling with the residual effects. South Western Railway in the UK said around two-thirds of its ticket machines had been shut down but that visits by engineers had got around that time back up and running as of Saturday night, and that it hoped to have the rest up and running in the coming days.
Health services are also likely to suffer lasting effects, with the outages making it impossible to cancel appointments, access patient records or issue prescriptions.
The British Medical Association said on Sunday that the temporary loss of patient records would cause a “significant backlog of patients”. The main medical union, which represents doctors and GPs, called for NHS England to make it clear that even if the IT issues are all fully resolved by Monday, clinics will need time to resume normal services.
“GPs are working flat out this weekend to deal with the impact of Friday’s devastating service outage,” said Dr David Wrigley, the BMA’s vice-chair for GP England.
An NHS spokesman said: “There may still be some delays as services are restored”, but they want to keep disruption to a minimum and told patients to continue attending their appointments unless instructed otherwise.
Additional reporting by Daniel Thomas in London