Las Vegas didn\u2019t fold during CrowdStrike outage | CyberScoop<\/title> <meta name=\"description\" content=\"Sin City\u2019s chief information officer says incident response playbooks and muscle memory limited the incident\u2019s impact locally.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/2024-crowdstrike-outage-impact-vegas\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Las Vegas didn\u2019t fold during CrowdStrike outage\"> <meta property=\"og:description\" content=\"Sin City\u2019s chief information officer says incident response playbooks and muscle memory limited the incident\u2019s impact locally.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/2024-crowdstrike-outage-impact-vegas\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-08-16T13:00:00+00:00\"> <meta property=\"article:modified_time\" content=\"2024-08-15T21:38:58+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/las-vegas-didnt-fold-during-crowdstrike-outage-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1275\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Christian Vasquez\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@chrismvasq\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1721926675g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1723669469g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1721764637g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=ada0ad45b21fc79c6694\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/81417\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.6.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=81417\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2F2024-crowdstrike-outage-impact-vegas%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2F2024-crowdstrike-outage-impact-vegas%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-81417 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/2024-crowdstrike-outage-impact-vegas\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"4.952380952381\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Voting is open for the 2024 CyberScoop 50 awards! <\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/vote\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"24.556234718826\">\n<div class=\"single-article__header-content\" readability=\"28.714285714286\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/cybersecurity\/\"> <span>Cybersecurity<\/span> <\/a> <\/li>\n<\/ul>\n<p> Sin City\u2019s chief information officer says incident response playbooks and muscle memory limited the incident\u2019s impact locally. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"425\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/las-vegas-didnt-fold-during-crowdstrike-outage.jpg?resize=640%2C425&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/las-vegas-didnt-fold-during-crowdstrike-outage-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/las-vegas-didnt-fold-during-crowdstrike-outage-2.jpg?resize=300,199 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/las-vegas-didnt-fold-during-crowdstrike-outage-2.jpg?resize=768,510 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/las-vegas-didnt-fold-during-crowdstrike-outage-2.jpg?resize=1024,680 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/las-vegas-didnt-fold-during-crowdstrike-outage-2.jpg?resize=1536,1020 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/las-vegas-didnt-fold-during-crowdstrike-outage-2.jpg?resize=600,398 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/las-vegas-didnt-fold-during-crowdstrike-outage-2.jpg?resize=253,168 253w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/las-vegas-didnt-fold-during-crowdstrike-outage-2.jpg?resize=507,337 507w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/las-vegas-didnt-fold-during-crowdstrike-outage-2.jpg?resize=1016,675 1016w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/las-vegas-didnt-fold-during-crowdstrike-outage-2.jpg?resize=1269,843 1269w\" sizes=\"(max-width: 1016px) 100vw, 1016px\"><figcaption> LAS VEGAS, NV – JANUARY 02: Exterior view of Welcome to Fabulous Las Vegas Nevada sign is seen on January 02, 2006 in Las Vegas, Nevada. (Photo by BG032\/Bauer-Griffin\/GC Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"39.810972568579\"><body readability=\"81.382176052488\"><\/p>\n<p><strong>LAS VEGAS \u2014<\/strong> When CrowdStrike pushed a few bits of errant code last month, Michael Sherwood, Las Vegas\u2019s chief information officer, watched as seemingly random networks around the city shut down. Meanwhile, digital security tools stayed quiet and it was unclear what \u2014 or perhaps who \u2014 was the cause of the outage.<\/p>\n<p>\u201cWe started seeing what everybody else saw \u2014 machines dropping off, going into a blue screen mode,\u201d Sherwood said during an interview at the Black Hat hacker conference. \u201cI\u2019d say for the first half hour, we didn\u2019t have an indication what the problem was.\u201d<\/p>\n<p>It wasn\u2019t until news reports started to come out that Sherwood learned it wasn\u2019t malicious hackers that had burrowed into Sin City\u2019s sensitive networks; it was just a really bad update from the software that was supposed to keep the unwanted out. <\/p>\n<p>A <a href=\"https:\/\/cyberscoop.com\/crowdstrike-falcon-flaw-microsoft-outage-flights-grounded-windows\/\">faulty driver in a CrowdStrike security software update<\/a> caused millions of Windows machines to crash. Around the world <a href=\"https:\/\/x.com\/FAANews\/status\/1814236439359393845\">planes were grounded<\/a>, television stations went quiet, and banks and supermarkets and other vital services shut down.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Las Vegas was no different but did not appear to be as badly impacted. Local reporting <a href=\"https:\/\/archive.is\/j58am\">highlighted<\/a> quiet slot machines in casinos and not-so-quiet customers in lines at the Harry Reid International Airport. False rumors even began to <a href=\"https:\/\/techcrunch.com\/2024\/07\/19\/from-the-sphere-to-false-cyberattack-claims-misinformation-runs-rampant-amid-crowdstrike-outage\/\">spread<\/a> that the Sphere, the technological marvel of a concert bowl, was hit by the blue screen of death.<\/p>\n<p>The CrowdStrike incident offered a preview of what a devastating cyberattack might accomplish, and Sherwood looks at it as a helpful exercise in anticipation of what\u2019s to come. \u201cWe learned a lot. We learned our plans worked,\u201d he said. \u201cWe learned a little more about the logistics, and how we\u2019re going to plan out for the future.\u201d<\/p>\n<p>It wasn\u2019t until 3 a.m. the next day that some of those back-end services for critical infrastructure were back up, said Sherwood, who cited security protocols for not sharing more when asked for details about those impacted systems. But safeguards, including multiple vendors and backups, were in place to prevent major disruptions, and within \u201ceight to 10 hours,\u201d most systems were back up and operational, he said.<\/p>\n<p>\u201cBy Saturday afternoon, we were completely recovered,\u201d Sherwood said.<\/p>\n<p>In the past few months, the Biden administration has warned critical infrastructure owners and operators to assume compromise by malicious actors and to <a href=\"https:\/\/statescoop.com\/cisa-cybersecurity-resilience-planning-playbook-critical-infrastructure\/\">build resilience<\/a> for when a worst-case scenario cyberattack occurs. National security officials have <a href=\"https:\/\/cyberscoop.com\/china-critical-infrastructure-volt-typhoon\/\">warned<\/a> that Beijing is positioning for possible disruptive attacks against critical infrastructure to destabilize the supply chain or troop movement. The impacts of malware targeting critical systems may look like what happened after CrowdStrike released the update.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Sherwood noted that his job is increasingly having to balance risks found in software, be it extensive testing of security updates or patching immediately to prevent potential intrusions. Consequently, that means increasingly relying on external tools to make real-time decisions, like artificial intelligence and machine learning.<\/p>\n<p>Now, Sherwood said, Las Vegas is looking at how to further diversify its systems and stay resilient in case another service goes down. While Sherwood\u2019s team is staying with CrowdStrike in some areas, he said the city plans on pursuing a \u201clayered approach.\u201d For example, services like Slack and Microsoft 360 were operational during the outage, but that might not always be the case.<\/p>\n<p>\u201cWhat if that wasn\u2019t available?\u201d he said. \u201cHow much harder would it have been to recover from an event like this?\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"1.4586894586895\">\n<div class=\"author-card\" readability=\"9\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/las-vegas-didnt-fold-during-crowdstrike-outage-1.jpg?w=640&ssl=1\" alt=\"Christian Vasquez\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Christian Vasquez<\/h4>\n<p> Christian covers industrial cybersecurity for CyberScoop News. He previously wrote for E&E News at POLITICO covering cybersecurity in the energy sector. Reach out: christian.vasquez at cyberscoop dot com <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/2024-crowdstrike-outage-impact-vegas\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Las Vegas didn\u2019t fold during CrowdStrike outage | CyberScoop Skip<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[730,2349,413,2350,78,742,117,2479,625,310,212],"tags":[734,2353,415,2354,86,744,119,2480,630,311,214],"class_list":["post-4906","post","type-post","status-publish","format-standard","hentry","category-black-hat","category-blue-screen-of-death","category-critical-infrastructure","category-crowdstrike","category-cybersecurity","category-def-con","category-government","category-las-vegas","category-microsoft","category-technology","category-windows","tag-black-hat","tag-blue-screen-of-death","tag-critical-infrastructure","tag-crowdstrike","tag-cybersecurity","tag-def-con","tag-government","tag-las-vegas","tag-microsoft","tag-technology","tag-windows"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/black-hat\/\" rel=\"category tag\">Black Hat<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/blue-screen-of-death\/\" rel=\"category tag\">Blue Screen of Death<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/critical-infrastructure\/\" rel=\"category tag\">critical infrastructure<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/crowdstrike\/\" rel=\"category tag\">CrowdStrike<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/def-con\/\" rel=\"category tag\">DEF CON<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/las-vegas\/\" rel=\"category tag\">Las Vegas<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/microsoft\/\" rel=\"category tag\">Microsoft<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/technology\/\" rel=\"category tag\">Technology<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/windows\/\" rel=\"category tag\">Windows<\/a>","tag_info":"Windows","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4906","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=4906"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4906\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=4906"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=4906"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=4906"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":4906,"date":"2024-08-16T08:00:00","date_gmt":"2024-08-16T13:00:00","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=81417"},"modified":"2024-08-16T08:00:00","modified_gmt":"2024-08-16T13:00:00","slug":"las-vegas-didnt-fold-during-crowdstrike-outage","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/08\/16\/las-vegas-didnt-fold-during-crowdstrike-outage\/","title":{"rendered":"Las Vegas didn\u2019t fold during CrowdStrike outage"},"content":{"rendered":"