July 21, World (LNW): Cybersecurity experts and agencies worldwide are alerting the public about a surge in opportunistic hacking attempts linked to a recent IT outage.
While there is no evidence that the outage at CrowdStrike was caused by malicious activity, some cybercriminals are attempting to exploit the situation.
Cyber agencies in the UK and Australia have issued warnings to be wary of fake emails, calls, and websites posing as official entities.
George Kurtz, head of CrowdStrike, advised users to ensure they are interacting with verified company representatives before downloading any fixes.
“We know that adversaries will try to exploit events like this,” Kurtz wrote in a blog post. “Our blog and technical support will remain the official channels for updates.”
Cybersecurity expert Troy Hunt, who operates the Have I Been Pwned security website, echoed Kurtz’s sentiments, stating that incidents like this are a boon for scammers.
Responding to a warning from the Australian Signals Directorate (ASD), Hunt noted that hackers are sending out bogus software fixes purporting to be from CrowdStrike.
“Alert! We are aware of several malicious websites and unofficial code claiming to assist with recovery,” read the ASD notice, urging IT responders to rely solely on CrowdStrike’s official website for information and assistance.
The UK’s National Cyber Security Centre (NCSC) also urged vigilance against suspicious emails or calls pretending to be from CrowdStrike or Microsoft, noting an increase in phishing attempts referencing the outage.
Whenever there is a significant news event, particularly in the tech sector, hackers often adapt their methods to exploit public fear and uncertainty. This was evident during the Covid-19 pandemic when phishing emails offered virus information or antidotes to trick individuals and organisations.
Due to the widespread coverage of the IT outage, hackers are taking advantage. Researchers at Secureworks have observed a notable rise in CrowdStrike-themed domain registrations, indicating that cybercriminals are setting up fraudulent websites to deceive IT managers and the public into downloading malicious software or divulging private information.
The primary advice is directed at IT managers working to restore their organisations online, but individuals are also advised to be cautious and only rely on information from official CrowdStrike channels.
