Air Force Chief of Staff Gen. CQ Brown, Jr., addresses Life Cycle Industry Days conference attendees at the Dayton Convention Center in Dayton, Ohio, July 31, 2023.  (U.S. Air Force photo by Staff Sgt. Mikaley Kline)

WASHINGTON —Though computer systems around the world, including some US government systems, are struggling today to recover from a mass IT incident, America’s top military officer says the Pentagon appears to have been spared so far.

“For all reports I have right now, [there have been] no impact on DoD operations,” Chairman of the Joint Chiefs of Staff, Gen. C.Q. Brown said during the Aspen Security Forum. “But I will also share with you, this just gives you an indication of how important cybersecurity is — how we use our software, how we use our tools — is important, and the things that we do particularly in DoD to protect our capabilities to ensure that we can still protect the nation, even when you have — whether it’s a glitch or an attack — that would be best postured to be able to support.”

“I’m sure our adversaries are looking at this as a way to, I would say, put sand in our gears when we’re trying to generate combat power to go to respond to a crisis anywhere around the world,” he later added. 

The outages, which took down the systems of some major airlines, banks, media companies and healthcare firms, were caused by what cybersecurity giant CrowdStrike said was a “defect” in a content update for its software running on Windows systems. “This was not a cyberattack,” the company said. Multiple federal systems have also reportedly been affected.

“As noted earlier, the issue has been identified and a fix has been deployed,” CEO of CrowdStrike George Kurtz posted to X, adding that the company was “deeply sorry for the inconvenience and disruption.”

Prior to Brown’s comments, the Office of the Secretary of Defense said in a statement to Breaking Defense that the department was “monitoring” its networks for “possible impacts.”

Though Brown said DoD operations haven’t seen major issues, CrowdStrike does do business with the Pentagon, noting in a 2023 press release that it “secures some of the United States’ most critical assets within the DoD, Defense Industrial Base (DIB) entities, Department of Homeland Security (DHS) through the Cybersecurity and Infrastructure Security Agency (CISA), the Center for Internet Security (CIS) and multiple other federal civilian agencies.”

And though CrowdStrike said the outage was not caused by a cyberattack, CISA said in a statement that it has already spotted threat actors attempting to take advantage of the chaos, exploiting the outages to push phishing “other malicious activity.”

“CISA urges organizations and individuals to remain vigilant and only follow instructions from legitimate sources,” the statement read. 

Also in Aspen, White House deputy national security advisor Anne Neuberger, echoed Brown’s sentiment that today’s outage should serve as a wakeup call.

“The irony of this morning is that a major international cybersecurity company was impacted. So, we need to really think about our digital resilience, not just in the systems we run, but in this globally connected security systems, the risks of consolidation, how we deal with that consolidation, and how we ensure that if an incident does occur, it can be contained and we can recover quicker,” she said. 

Justin Katz contribted to this report.