
Global tech outage hits US hospitals

Cybersecurity firm CrowdStrike triggered a massive IT outage on Friday, disrupting businesses, including healthcare, after issuing what was supposed to be a routine software update.

The firm attempted to update its Falcon Sensor product, which protects data encrypted on the cloud from cyberattacks. However, there was a bug during deployment, with some Microsoft users experiencing a critical “blue screen” error, blocking attempts to reboot.

CrowdStrike CEO George Kurtz took to X early Friday morning in an attempt to ease clients’ concerns, stating the problem had been identified, isolated and a fix was in the works.

“Mac and Linux hosts are not impacted. This is not a security incident or cyberattack,” Kurtz stressed. “Our team is fully mobilized to ensure the security and stability of CrowdStrike customers.”

But havoc had already ensued. The company serves over half of the Fortune 500 companies, 8 in 10 top financial services firms and tech firms, and 6 in 10 of the top healthcare providers, according to its website. Clients ranging from airlines to hospitals have reported disruptions.

At least 11 health systems contacted by BioPharma Dive’s sister publication Healthcare Dive Friday morning were experiencing problems related to the outage.

Fewer drugmakers commented on the incident. A spokesperson for Biogen said that, while 5% to 10% of individual personal computers at the biotechnology company were affected, Biogen had not identified any “business continuity concerns.” Moderna and Vertex Pharmaceuticals did not comment in response to questions from BioPharma Dive, while Regeneron Pharmaceuticals said it was not affected. Eight other pharmaceutical companies did not respond to BioPharma Dive’s inquiries.

West Orange, New Jersey-based RWJBarnabas Health, Atlanta-based Emory Healthcare, Boston-based Mass General Brigham and Louisville, Kentucky-based Norton Healthcare are among the health systems delaying some procedures until the outage is resolved. A spokesperson for RWJ called the decision a move made out of “an abundance of caution.”

Other facilities, including Buffalo, New York-based Kaleida Health and Burlington, Massachusetts-based Tufts Medicine, are open. However, they’re operating under emergency management downtime procedures.

The American Hospital Association is aware of the outage and in touch with health systems as well as the federal government about the situation, John Riggi, the AHA’s national advisor for cybersecurity and risk, told Healthcare Dive via email.

Most systems are reporting disruptions related to communication systems, such as scheduling and check-in procedures. Billing procedures may also be impacted.

Patient care could be affected as well, said Dan Denno, senior architect in West Monroe’s technology and experience practice.

“I wouldn’t see somebody handling patients without being able to boot up their Windows system,” he said. “If your healthcare company did not have the IT staff to figure this out and handle it for you, I could see a lot of companies impacted by this, and patient care.”

The outage is the largest in a decade, according to Neil MacDonald, a vice president and analyst at Gartner. And despite Kurtz’s assurances on social media that a fix is in the works, MacDonald isn’t optimistic the recovery process will be smooth.

“I’ve seen some CrowdStrike comments [that] it’s fairly straightforward to fix, but it’s not in the sense that you have to get Windows into safe mode, which bypasses the CrowdStrike driver, then remove the offending file and then do a reboot,” Kurtz said. “In many cases, it’s going to require the end user to do that — maybe an IT person. Yes, it’s simple, but it doesn’t lend itself well to automation. … It will take time.”

The manual nature of the recovery process will likely make it even harder for smaller, rural health systems that lack a formal IT department to get back online. 

Kurtz said getting systems back online will require familiarity with maneuvering systems in and out of safe mode — a process most users don’t know how to do.

Meanwhile, bad actors could attempt to take advantage of health systems’ desperation to get systems back online, warned Steve Cagle, CEO of cybersecurity firm Clearwater.

“We [are] aware that malicious actors are taking advantage of the CrowdStrike situation and are posing as CrowdStrike support reaching out and offering assistance in restoring systems,” Cagle told Healthcare Dive in an email.

As the healthcare industry grapples with the outage, Kurtz said the deployment should never have occurred.

“It comes down to the development and test and QA and release process. And this should not have been released,” he said.

Emily Olsen, Delilah Alvarado, Ned Pagliarulo and Jonathan Gardner contributed reporting.

Editor’s note: This story has been updated with comment from Biogen.

This post has been syndicated from a third-party source. View the original article here.
