8.5 Million Computers Running Windows Affected by Faulty Update from CrowdStrike

A technician works on an information display near United Airlines gates at Chicago O'Hare International Airport in Chicago, Friday, July 19, 2024, after a faulty CrowdStrike update caused a major internet outage for computers running Microsoft Windows. (AP Photo/Carolyn Kaster)
A technician works on an information display near United Airlines gates at Chicago O'Hare International Airport in Chicago, Friday, July 19, 2024, after a faulty CrowdStrike update caused a major internet outage for computers running Microsoft Windows. (AP Photo/Carolyn Kaster)
TT

8.5 Million Computers Running Windows Affected by Faulty Update from CrowdStrike

A technician works on an information display near United Airlines gates at Chicago O'Hare International Airport in Chicago, Friday, July 19, 2024, after a faulty CrowdStrike update caused a major internet outage for computers running Microsoft Windows. (AP Photo/Carolyn Kaster)
A technician works on an information display near United Airlines gates at Chicago O'Hare International Airport in Chicago, Friday, July 19, 2024, after a faulty CrowdStrike update caused a major internet outage for computers running Microsoft Windows. (AP Photo/Carolyn Kaster)

As the world continues to recover from massive business and travel disruptions caused by a faulty software update from cybersecurity firm CrowdStrike, malicious actors are trying to exploit the situation for their own gain.
Government cybersecurity agencies across the globe and even CrowdStrike CEO George Kurtz are warning businesses and individuals around the world about new phishing schemes that involve malicious actors posing as CrowdStrike employees or other tech specialists offering to assist those recovering from the outage.
“We know that adversaries and bad actors will try to exploit events like this,” Kurtz said in a statement. “I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike representatives.”
According to The Associated Press, the UK Cyber Security Center said they have noticed an increase in phishing attempts around this event.
Microsoft said 8.5 million devices running its Windows operating system were affected by the faulty cybersecurity update Friday that led to worldwide disruptions. That’s less than 1% of all Windows-based machines, Microsoft cybersecurity executive David Weston said in a blog post Saturday.
He also said such a significant disturbance is rare but “demonstrates the interconnected nature of our broad ecosystem.”
What's happening with air travel? By late morning on the US East Coast, airlines around the world had canceled more than 1,500 flights, far fewer than the 5,100-plus cancellations on Friday, according to figures from tracking service FlightAware.
Two-thirds of Saturday’s canceled flights occurred in the United States, where carriers scrambled to get planes and crews back into position after massive disruptions the day before. According to travel-data provider Cirium, US carriers canceled about 3.5% of their scheduled flights for Saturday. Only Australia was hit harder.
Canceled flights were running at about 1% in the United Kingdom, France and Brazil and about 2% in Canada, Italy and India among major air-travel markets.
Robert Mann, a former airline executive and now a consultant in the New York area, said it was unclear exactly why US airlines were suffering disproportionate cancellations, but possible causes include a greater degree of outsourcing of technology and more exposure to Microsoft operating systems that received the faulty upgrade from CrowdStrike.
How are healthcare systems holding up? Health care systems affected by the outage faced clinic closures, canceled surgeries and appointments and restricted access to patient records.
Cedars-Sinai Medical Center in Los Angeles, Calif., said “steady progress has been made” to bring its servers back online and thanked its patients for being flexible during the crisis.
“Our teams will be working actively through the weekend as we continue to resolve remaining issues in preparation for the start of the work week,” the hospital wrote in a statement.
In Austria, a leading organization of doctors said the outage exposed the vulnerability of relying on digital systems. Harald Mayer, vice president of the Austrian Chamber of Doctors, said the outage showed that hospitals need to have analog backups to protect patient care.
The organization also called on governments to impose high standards in patient data protection and security, and on health providers to train staff and put systems in place to manage crises.
“Happily, where there were problems, these were kept small and short-lived and many areas of care were unaffected” in Austria, Mayer said.
The Schleswig-Holstein University Hospital in northern Germany, which canceled all elective procedures Friday, said Saturday that systems were gradually being restored and that elective surgery could resume by Monday.



US Judge Finds Israel's NSO Group Liable for Hacking in WhatsApp Lawsuit

Israeli cyber firm NSO Group's exhibition stand is seen at "ISDEF 2019", an international defense and homeland security expo, in Tel Aviv, Israel June 4, 2019. REUTERS/Keren Manor/File Photo
Israeli cyber firm NSO Group's exhibition stand is seen at "ISDEF 2019", an international defense and homeland security expo, in Tel Aviv, Israel June 4, 2019. REUTERS/Keren Manor/File Photo
TT

US Judge Finds Israel's NSO Group Liable for Hacking in WhatsApp Lawsuit

Israeli cyber firm NSO Group's exhibition stand is seen at "ISDEF 2019", an international defense and homeland security expo, in Tel Aviv, Israel June 4, 2019. REUTERS/Keren Manor/File Photo
Israeli cyber firm NSO Group's exhibition stand is seen at "ISDEF 2019", an international defense and homeland security expo, in Tel Aviv, Israel June 4, 2019. REUTERS/Keren Manor/File Photo

A US judge ruled on Friday in favor of Meta Platforms' WhatsApp in a lawsuit accusing Israel's NSO Group of exploiting a bug in the messaging app to install spy software allowing unauthorized surveillance.

US District Judge Phyllis Hamilton in Oakland, California, granted a motion by WhatsApp and found NSO liable for hacking and breach of contract.

The case will now proceed to a trial only on the issue of damages, Hamilton said. NSO Group did not immediately respond to an emailed request for comment, according to Reuters.

Will Cathcart, the head of WhatsApp, said the ruling is a win for privacy.

"We spent five years presenting our case because we firmly believe that spyware companies could not hide behind immunity or avoid accountability for their unlawful actions," Cathcart said in a social media post.

"Surveillance companies should be on notice that illegal spying will not be tolerated."

Cybersecurity experts welcomed the judgment.

John Scott-Railton, a senior researcher with Canadian internet watchdog Citizen Lab — which first brought to light NSO’s Pegasus spyware in 2016 — called the judgment a landmark ruling with “huge implications for the spyware industry.”

“The entire industry has hidden behind the claim that whatever their customers do with their hacking tools, it's not their responsibility,” he said in an instant message. “Today's ruling makes it clear that NSO Group is in fact responsible for breaking numerous laws.”

WhatsApp in 2019 sued NSO seeking an injunction and damages, accusing it of accessing WhatsApp servers without permission six months earlier to install the Pegasus software on victims' mobile devices. The lawsuit alleged the intrusion allowed the surveillance of 1,400 people, including journalists, human rights activists and dissidents.

NSO had argued that Pegasus helps law enforcement and intelligence agencies fight crime and protect national security and that its technology is intended to help catch terrorists, pedophiles and hardened criminals.

NSO appealed a trial judge's 2020 refusal to award it "conduct-based immunity," a common law doctrine protecting foreign officials acting in their official capacity.

Upholding that ruling in 2021, the San Francisco-based 9th US Circuit Court of Appeals called it an "easy case" because NSO's mere licensing of Pegasus and offering technical support did not shield it from liability under a federal law called the Foreign Sovereign Immunities Act, which took precedence over common law.

The US Supreme Court last year turned away NSO's appeal of the lower court's decision, allowing the lawsuit to proceed.