CRIMINALS will come crawling out of the woodwork to scam victims as the world grapples with a global IT catastrophe.
A rogue software update on Friday left Windows PCs unable to turn on around the world – with supermarkets, banks, airlines, and even hospitals reporting issues.
Security giant CrowdStrike was to blame for bungling the update sent to business computers running its Falcon anti-virus software.
It meant that Windows PCs were faced with the “Blue Screen of Death” that prevented them from booting up properly.
The event has caused IT chaos globally, with CrowdStrike’s CEO saying the company is “deeply sorry” for the world-shaking mishap.
Now security experts have told The U.S. Sun that criminals may take advantage of the event to target new victims – even if your PC wasn’t affected by the outage.
There are two groups that will be targeted, according to Calvin Gan, Senior Manager of Scam Protection Strategy at F-Secure.
First up are the businesses hit by the outage, and second are regular people whose machines were totally fine.
“Now that these affected companies are in the public news, these companies need to be monitoring their communication channels for malicious calls or messages,” Gan told The U.S. Sun.
“Which may be under the pretence of offering support, but may in fact have an ulterior motive.”
Regular people will mostly be facing “disruption” to their healthcare, travel, and banking.
But Gan had “evergreen advice” for normal web users too, including spotting signs that you’re being scammed by enterprising crooks.
“If they have been performing bank transactions but these have failed, be aware of calls from your bank and properly verify the legitimacy of them,” Gan told us.
“In particular checking that the phone number belongs to the bank in question.
What is CrowdStrike?
THE global cyber outage affecting TV channels, banks, hospitals, airports and emergency services appears to relate to an issue at cybersecurity firm CrowdStrike.
IT security firm CrowdStrike ran a recorded phone message on Friday – saying it was aware of reports of crashes on Microsoft’s Windows operating system relating to its Falcon sensor.
A prerecorded message said: “Thanks for contacting CrowdStrike support. CrowdStrike is aware of reports of crashes on Windows… related to the Falcon sensor.”
The Falcon system monitors the computers it is installed on and detects hacks and bugs before responding to them.
CrowdStrike, headquartered in Austin, Texas, says it is a global security leader which provides an advanced platform to protect data.
A CrowdStrike update on Friday is said to have caused a critical error in Microsoft operating systems, affecting millions worldwide.
The company regularly updates systems with new anti-virus software.
Toby Murray, associate professor in the School of Computing and Information Systems at The University of Melbourne, Australia, said: “If Falcon is suffering a malfunction then it could be causing a widespread outage for two reasons.
“One: Falcon is widely deployed on many computers, and two: because of Falcon’s privileged nature.
“Falcon is a bit like anti-virus software: it is regularly updated with information about the latest online threats.
“It is possible that today’s outage may have been caused by a buggy update to Falcon.”
Cyber expert Troy Hunt told Australian TV network Seven: “It looks like they’ve pushed a bad update, which is presently nuking every machine that takes it.”
“If they were impacted by the disruption to airline services, monitor for phishing emails claiming to offer refunds for missed flights or similar compensation.”
“In general, be aware of any emails, messages or calls which use an urgent tone of voice such as ‘Act now, do this, reply now or you will miss the opportunity’.
“As these could be scammers trying to take advantage of the situation.”
And it seems like they already are – the USA’s Cybersecurity & Infrastructure Security Agency (CISA) warned that criminals are trying to target victims in the aftermath of the outage.
In a report, CISA wrote: “Of note, CISA has observed threat actors taking advantage of this incident for phishing and other malicious activity.
“CISA urges organizations and individuals to remain vigilant and only follow instructions from legitimate sources.
“CISA recommends organizations to remind their employees to avoid clicking on phishing emails or suspicious links.”
Earlier today, experts told The U.S. Sun that hackers might try to replicate the outage in the future.
CROWDSTRIKE BLAMED – CEO’S FULL REPLY
Here’s an official statement from CrowdStrike CEO George Kurtz…
“Today was not a security or cyber incident.
“Our customers remain fully protected.
“We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption.
“We are working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on.
“As noted earlier, the issue has been identified and a fix has been deployed.
“There was an issue with a Falcon content update for Windows Hosts. For the latest information that we will continuously update, please refer to the CrowdStrike website, my posts on LinkedIn, and my posts on X.
“We will continue to provide updates to our community and the industry as they become available.”
And security pros warned that it could take the world “weeks” to recover from the fallout of the outage.
But not everyone is feeling the misery: The U.S. Sun shared how Apple Mac fans are overjoyed they dodged the outage.
CrowdStrike has now issued a fix for the issue, but many Windows machines will still need manual repairs.
A Microsoft spokesperson told The U.S. Sun: “Earlier today, a CrowdStrike update was responsible for bringing down a number of IT systems globally.
“We are actively supporting customers to assist in their recovery.”