CrowdStrike bug causes temporary computer outage

TORONTO – Canada’s hospitals, airports and police services have returned to normal after a defective CrowdStrike update to computers using Microsoft Windows caused a global technology outage over the weekend.

On Saturday, Microsoft estimated the update deployed by cybersecurity firm CrowdStrike affected 8.5 million Windows devices worldwide. In Canada, much of that impact fell on air travel, with some serious implications for the healthcare sector, as well.

Staff at British Columbia’s hospitals and health facilities had to pivot to paper to manage everything from lab work to meal orders during the outage, but on Saturday providers including Ontario’s University Health Network and Sunnybrook Hospital as well Newfoundland and Labrador’s healthcare provider all announced regular operations had been restored.

The Children’s Hospital of Eastern Ontario (CHEO) was temporarily impacted, as was the Queensway Carleton Hospital, in Ottawa. However, both hospitals told Global News that patients weren’t affected, as the organizations deployed workarounds.

Dynacare lab sites in Ontario and Manitoba were affected by the computer glitch, Global News reported. On the Dynacare website, it stated, “Global IT issues are impacting Dynacare systems. Full test menu may be limited and wait times may be delayed. All Ontario and Manitoba locations are closed. We are working to reopen as soon as possible.”

The Centre for Addiction and Mental Health (CAMH), in Toronto, was temporarily impacted. CAMH posted on X on Friday, stating that the centre was affected by the global outage.

“Due to a global IT outage, some computer systems at CAMH have been impacted. While most clinics are operating as usual, if you’re experiencing issues accessing in-person and virtual outpatient appointments, please call your care team,” CAMH said.

Officials at Bluewater Health, which oversees hospitals in Sarnia and Petrolia, said its operations had been affected. A statement on the Bluewater Health website said, “Patients should expect delays in service and potential appointment cancellations following a Microsoft/CrowdStrike global IT outage, which has been confirmed NOT to be a cyber-attack.”

Bluewater Health is part of a shared IT/security service provider called TransForm, along with four other hospitals; Chatham-Kent Health Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare and Windsor Regional Hospital.

The TransForm group of hospitals experienced a cyberattack in October of 2023 which saw personal health information and some financial information of both patients and staff breached. It was estimated more than 200,000 people were impacted by that event.

Steve Waterhouse (pictured), a cybersecurity expert, says the CrowdStrike outage should lead to growing awareness among Canadian organizations and businesses that computer-related stoppages can happen at any time.

“This is of the utmost importance, because the outage has paralyzed many sectors of our economy, of our society,” he noted, recalling other major outages could occur in the future.

Waterhouse said the centralization of all data and emails in recent years makes us vulnerable if things go wrong. He recommends private and public organizations review the way they do things.

“These are consequences that must be anticipated in the future,” Waterhouse said. You have to prepare an alternative instead of assuming everything will be available. It’s the same when there is a power outage, we have plenty of candles for light when there is no power.”

On a related note, cybersecurity agencies across the globe and CrowdStrike CEO George Kurtz are warning businesses and individuals about new phishing schemes that involve malicious actors posing as CrowdStrike employees or other tech specialists offering to assist those recovering from the outage.

“We know that adversaries and bad actors will try to exploit events like this,” Kurtz said in a statement. “I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike representatives.”

The UK Cyber Security Centre said they have noticed an increase in phishing attempts around this event.