Efforts are underway to address the global technology disruptions that are wreaking havoc on travelers, hospitals and banks, but that may not mean the end of your IT woes: phishing schemes aimed at tricking businesses and individuals are now starting to come to light.
Security experts are warning of malicious actors pretending to be tech experts and offering help recovering from the outage, which was caused by a faulty software update from cybersecurity firm CrowdStrike.
Some scammers may even pose as employees of CrowdStrike, which is headquartered in Texas with offices around the world.
CrowdStrike said no hack or cyberattack caused the outage and provided a patch to address it. The company apologized and promised to be as transparent as possible in assessing what happened, while warning that some parties may try to take advantage of the situation.
For example, in Latin America there have been a number of fraud attempts from fraudsters trying to scam people and the UK’s National Cyber Security Centre said it had noticed an increase in phishing attempts linked to the outage.
CrowdStrike CEO George Kurtz told NBC on Friday: Today’s Events that the company is working with its customers around the world to ensure they return online safely.
“It may take time for some systems that cannot recover automatically,” he said. “However, our mission is… to ensure that every customer recovers fully, and we will not give up until all of our customers are back to normal, and we will continue to protect them and keep the bad guys out of their systems.”
Canadians woke up Friday to a global technology disruption that disrupted operations across multiple industries. Cybersecurity firm Crowdstrike’s Falcon Sensor software caused Microsoft Windows to crash and display a blue error screen. Cybersecurity and technology analyst Ritesh Kotak explains how the outage affected Crowdstrike subscriptions and what mitigation measures Microsoft could take.
Canadian analysts say power outages are a major target for fraudsters
Microsoft said Saturday that about 8.5 million devices running the Windows operating system were affected by a computer crash that caused some devices to hang on what’s known as a “blue screen of death” — indicating that a computer has been disconnected from the network in a complete system failure with no ability to restart.
That’s less than one percent of all Windows-based machines, Microsoft cybersecurity chief David Weston said in a blog post Saturday.
He also said such major disruptions are rare but “demonstrate the interconnected nature of our vast ecosystem.”
Yet, says Carmi Levy, a technology analyst in Canada, fraudsters are still scanning headlines for phishing opportunities.
“They usually contact us via email or instant messaging on social media,” he explained. Some will even call and say they are from the support service, in order to “look for opportunities to contact us when they least expect it.”
Cybersecurity agencies are warning the public about a new wave of fraud following a global technology outage Friday. Technology analyst Carmi Levy said people should be wary of messages offering help, even if they appear to come from legitimate companies. “Our first instinct should be: fraud!” he said.
“We tend to think of fraudsters, cybercriminals, fraudsters as James Bond-style masterminds – supervillains who use extraordinary technology and extraordinary knowledge – when in fact they’re lazy,” Levy told CBC on Saturday from London, Ont.
“They attack us when we are most vulnerable… they will attack us during natural or man-made disasters like this, when there is chaos and uncertainty.”
Residual impacts of power outages
The impact of the power outage continued into Saturday, with some airline passengers told it could take three days to reach their destination, while some pharmacy and banking services were still affected.
As of Saturday morning, airlines worldwide had canceled more than 1,500 flights, far fewer than the more than 5,100 cancellations on Friday, according to figures from tracking service FlightAware.
Two-thirds of Saturday’s flight cancellations were in the United States, where airlines scrambled to get planes and crews back in position after Friday’s major disruption. U.S. airlines canceled about 3.5% of their scheduled flights on Saturday, according to travel data provider Cirium. Only Australia was more severely affected.
Cancelled flights accounted for about 1 percent in the UK, France and Brazil, and about 2 percent in Canada, Italy and India among major air travel markets, Cirium said.
David Shipley, CEO of Beauceron Security, a New Brunswick-based cybersecurity software company, said Canadians frustrated by CrowdStrike’s intrusions should be “outraged” and ensure federal party leaders are aware of their frustrations in order to mitigate future incidents.
Robert Mann, a former airline executive and consultant in the New York area, said it was unclear why U.S. airlines were experiencing such disproportionate cancellations. Possible causes include higher levels of technology outsourcing and greater exposure to Microsoft operating systems receiving flawed updates from CrowdStrike, he said.
Health systems around the world reported widespread problems – including closures, cancellations of surgeries and appointments, and restrictions on access to patient records – due to Friday’s power outages.
On Friday, British Columbia health officials said the outage affected the system’s networks and computers, while hospitals in Toronto and Hamilton were also dealing with some issues related to the outage. Some health services in Newfoundland and Labrador were also affected.
In the United States, Cedars-Sinai Medical Center in Los Angeles said Saturday that “steady progress has been made” in getting its servers back online and thanked its patients for their flexibility during the crisis.
In Austria, a major doctors’ organisation said the outage had exposed vulnerabilities in relying on digital systems.
Harald Mayer, vice president of the Austrian Chamber of Physicians, said the outage showed that hospitals needed analog backups to protect patient care. The organization also called on governments to enforce high standards for patient data protection and security, and asked health care providers to train staff and implement systems to manage the crisis.
The University Hospital of Schleswig-Holstein in northern Germany cancelled all elective surgeries on Friday but said the system was gradually being restored and elective surgeries could resume on Monday.
How to protect yourself from technology
While this week’s outages may be rare, Levy cautioned against complacency and offered the following tips for filtering out fakes:
- Big tech companies aren’t going to spontaneously reach out to people to tell them about a problem and offer to fix it. “Microsoft customer service doesn’t work that way. Nobody does. … our first inclination should be fraud.”
- If you receive an email or other message, exit the message and go to the company’s website to see if there are any messages or updates.
- If you click on a phishing link or provide remote access to your computer, act quickly to secure your email and other accounts, change passwords, and contact the provider of the platform used in the scam.
- To avoid being easily fooled, “strengthen” your personal profile and don’t “put all your eggs in one basket.” For example, for banking matters, make sure you have a manual method to interact with the bank other than through an app on your mobile phone. “Make sure you follow smart password protocols on all your accounts: you need a different password for each account and change it regularly. Use passwords that are difficult to guess,” Levy advises, as cybercriminals are known to collect information from your online profiles.
“Travel nerd. Social media evangelist. Zombie junkie. Total creator. Avid webaholic. Friend of animals everywhere. Future teen idol.”
