Cyber-security experts and agencies worldwide are issuing warnings about a surge in opportunistic hacking attempts following the recent IT outage. While there is no concrete evidence linking the outage to malicious activity, nefarious actors are seizing the opportunity to exploit the situation.
Authorities in the UK and Australia are cautioning the public to remain vigilant against fake emails, calls, and websites posing as official sources. CrowdStrike CEO George Kurtz emphasized the importance of verifying the authenticity of communications before downloading any fixes.
In a blog post, Kurtz stated, “We know that adversaries and bad actors will try to exploit events like this. Our blog and technical support will continue to be the official channels for the latest updates.” This sentiment was echoed by cybersecurity expert Troy Hunt, who warned that scammers view incidents like this as a prime opportunity to deceive individuals.
The Australian Signals Directorate (ASD) issued an alert about hackers disseminating counterfeit software fixes under the guise of being from CrowdStrike. The ASD urged IT responders to rely solely on CrowdStrike’s official website for information and assistance.
The UK’s National Cyber Security Centre (NCSC) also issued a warning urging people to be cautious of suspicious emails or calls claiming to be from CrowdStrike or Microsoft. The agency highlighted an increase in phishing attempts related to the outage as malicious actors seek to exploit the situation.
Researchers at Secureworks have observed a significant uptick in CrowdStrike-themed domain registrations, indicating a rise in fraudulent websites designed to deceive IT managers and the public. While the primary target is IT professionals working to restore operations, individuals are also at risk of falling victim to these scams.
As hackers adapt their tactics to capitalize on global news events, experts stress the importance of verifying information from official sources and remaining cautious in the face of potential cyber threats. Stay informed and stay safe in the digital landscape.