Hackers prey on Microsoft CrowdStrike outage victims, expert warns

Juliet Anine

Cybersecurity experts and agencies worldwide are warning people about a surge in hacking attempts related to a recent IT outage.

Although there is no proof that the CrowdStrike outage was caused by malicious activity, some bad actors are trying to exploit the situation.

Cyber agencies in the UK and Australia are urging people to be cautious of fake emails, calls, and websites pretending to be official.

CrowdStrike head George Kurtz advised users to ensure they are communicating with official representatives before downloading any fixes.

“We know that adversaries and bad actors will try to exploit events like this,” Kurtz said in a blog post. “Our blog and technical support will continue to be the official channels for the latest updates.”

Cybersecurity expert Troy Hunt, who runs the well-known Have I Been Pwned security website, echoed Kurtz’s concerns. “An incident like this that has commanded so many headlines and has people worried is a gift to scammers,” he said.

Hunt was responding to a warning from the Australian Signals Directorate (ASD), which is equivalent to the UK’s GCHQ or the US’s National Security Agency. The ASD issued an alert about hackers sending out fake software fixes claiming to be from CrowdStrike.

“Alert! We understand a number of malicious websites and unofficial code are being released claiming to help entities recover,” the notice reads. The agency urges IT responders to use only CrowdStrike’s official website for information and assistance.

The ASD warning follows a similar call from the UK’s National Cyber Security Centre (NCSC) on Friday. The NCSC urged people to be extra vigilant about suspicious emails or calls pretending to be from CrowdStrike or Microsoft help.

“An increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation,” the agency said.

Microsoft estimates that 8.5 million computers around the world were disabled by the global IT outage. This is the first time a number has been put on the incident, which continues to cause problems worldwide.

The issue originated from a corrupted software update sent out by CrowdStrike to its vast number of customers.
