CRIMINALS will come out of the woodwork to scam victims as the world faces a global IT catastrophe.
A fraudulent software update on Friday left Windows PCs unable to turn on across the world – with supermarkets, banks, airlines and even hospitals reporting problems.
3
Security giant CrowdStrike was to blame for botching the update pushed to business computers running its Falcon antivirus software.
This meant that Windows PCs faced the “Blue Screen of Death” that prevented them from booting properly.
The event caused IT chaos around the world, with the CEO of CrowdStrike saying the company is “deeply sorry” for the world-shaking accident.
Now, security experts have told The US Sun that criminals could take advantage of the event to target new victims – even if your PC was not affected by the outage.
Read more about global IT disruption
There are two groups that will be targeted, according to Calvin Gan, senior manager of scam protection strategy at F-Secure.
First are the businesses affected by the outage, and second are the ordinary people whose machines were fully operational.
“Now that these affected companies are in public NewsThese companies need to monitor their communications channels for malicious calls or messages,” Gan told The US Sun.
“Which may be under the guise of offering support, but may actually have an ulterior motive.”
Ordinary people will mostly face “disruptions” to their healthcare, travel and banking services.
But Gan had “evergreen advice” for normal web users as well, including spotting signs that you’re being scammed by enterprising criminals.
“If they have carried out banking transactions but these have failed, be aware of your bank’s connections and properly check their legitimacy,” Gan told us.
“In particular by checking whether the phone number belongs to the bank in question.
What is CrowdStrike?
The global cyber outage affecting television channels, banks, hospitals, airports and emergency services appears to be related to an issue at cybersecurity company CrowdStrike.
IT security firm CrowdStrike published a recorded phone message on Friday – saying it was aware of reports of flaws in Microsoft’s Windows operating system related to its Falcon sensor.
A pre-recorded message read: “Thank you for contacting CrowdStrike support. CrowdStrike is aware of reports of Windows crashes… related to the Falcon sensor.”
The Falcon system monitors the computers it is installed on and detects hacks and bugs before responding to them.
CrowdStrike, based in Austin, Texas, claims to be a global security leader that provides an advanced platform for protecting data.
A CrowdStrike update on Friday is said to have caused a critical bug in Microsoft’s operating systems, affecting millions of people around the world.
The company regularly updates systems with new antivirus software
Toby Murray, associate professor in the School of Computing and Information Systems at the University of Melbourne, Australia, said: “If Falcon is experiencing a malfunction, it could be causing widespread outage for two reasons.
“One: Falcon is widely deployed on many computers, and two: due to the privileged nature of Falcon.
“Falcon is a bit like antivirus software: it is regularly updated with information about the latest online threats.
“It is possible that today’s outage was caused by a buggy update to Falcon.”
Cyber expert Troy Hunt told Australian TV network Seven: “It appears they have released a bad update, which is currently destroying all machines using it.”
“If they have been affected by airline service disruptions, monitor for phishing emails claiming to offer refunds for missed flights or similar compensation.”
“In general, be alert to any emails, messages or calls that use an urgent tone of voice, such as ‘Act now, do this, respond now or you will miss the opportunity.’
“Because they could be scammers trying to take advantage of the situation.”
And it looks like they already are – the US Cybersecurity and Infrastructure Security Agency (CISA) has warned that criminals are trying to target victims following the outage.
3
In a report, CISA wrote: “It is noteworthy that CISA observed threat actors taking advantage of this incident for phishing and other malicious activities.
“CISA urges organizations and individuals to remain vigilant and only follow instructions from legitimate sources.
“CISA recommends that organizations remind their employees to avoid clicking on phishing emails or suspicious links.”
Earlier today, experts told The US Sun that hackers may attempt to replicate the outage in the future.
CROWDSTRIKE RESPONSIBLE – FULL RESPONSE FROM THE CEO
Here is an official statement from CrowdStrike CEO George Kurtz…
“Today was not a security or cyber incident.
“Our customers remain fully protected.
“We understand the seriousness of the situation and deeply regret the inconvenience and interruption.
“We are working with all affected customers to ensure their systems are working and can provide the services their customers count on.
“As noted previously, the issue has been identified and a fix has been deployed.
“There was an issue with a Falcon content update for Windows hosts. For the latest information that we will continually update, check out the CrowdStrike website, my LinkedIn posts, and my X posts.
“We will continue to provide updates to our community and the industry as they become available.”
And security professionals warned that the world could take “weeks” to recover from the consequences of the outage.
But not everyone is feeling the gloom: US Sun shared how Apple Mac fans are overjoyed to have avoided the outage.
CrowdStrike has already issued a fix for the issue, but many Windows machines will still require manual repairs.
A Microsoft spokesperson told The US Sun, “Earlier today, a CrowdStrike update was responsible for taking down multiple IT systems around the world.
“We are actively supporting clients to help with their recovery.”
This story originally appeared on The-sun.com read the full story
/cdn.vox-cdn.com/uploads/chorus_asset/file/25569545/Fediverse_Activity_Carousel.jpg?w=300&resize=300,300&ssl=1 "Flipboard will allow you to follow fediverse accounts directly within the app")
