As health system IT teams reported steady progress in bringing computer systems and EHR access back online after Friday’s global outage, the U.S Cybersecurity and Infrastructure Security Agency (CISA) warned that cyber threat actors continue to leverage the outage to conduct malicious activity, including phishing attempts .
The widespread outage was caused by a faulty software update by CrowdStrike last Friday affected Windows-based computers, although many hospital systems were still experiencing scheduling delays and working through issues on Monday morning. In a blog post, Microsoft estimated the outage affected 8.5 million Windows devices. Microsoft notes that this number makes up less than 1 percent of all Windows machines.
CISA said it continues to work closely with CrowdStrike and other private sector and government partners to actively monitor any emerging malicious activity. It said that according to a CrowdStrike blog, threat actors have been distributing a malicious ZIP archive file. This activity appears to be targeting Latin America-based CrowdStrike customers.
To read the full article, see "Hospital IT Teams Still Working to Resolve CrowdStrike-Related Outage Issues," which originally appeared on Healthcare Innovation, an Endeavor Business Media partner site.
