Cyber-security experts and agencies around the world are on high alert as opportunistic hackers attempt to take advantage of the recent IT outage linked to CrowdStrike. While there is no evidence that the outage was caused by malicious activity, bad actors are using the situation to launch hacking attempts.
Both the UK and Australia have issued warnings to their citizens to be vigilant against fake emails, calls, and websites pretending to be official sources. CrowdStrike head George Kurtz emphasized the importance of verifying the authenticity of communications before downloading any fixes, urging users to rely on official channels for updates.
Cybersecurity expert Troy Hunt echoed these sentiments, cautioning that incidents like this provide scammers with an opportunity to exploit fear and uncertainty. The Australian Signals Directorate issued an alert about hackers distributing bogus software fixes under the guise of being from CrowdStrike, urging IT responders to only use the company’s official website for information and assistance.
The UK’s National Cyber Security Centre also issued a warning about phishing attempts related to the outage, advising people to be hyper-vigilant of suspicious communications. Hackers have been quick to capitalize on the global news story, with a sharp rise in CrowdStrike-themed domain registrations observed by researchers at Secureworks.
While the primary targets are IT managers trying to restore their organizations’ systems, individuals are also at risk of being targeted. Experts are urging caution and recommending that people only act on information from official CrowdStrike channels to avoid falling victim to malicious activities. As the situation unfolds, staying informed and staying vigilant are key to staying safe in the digital landscape.