CrowdStrike outage sparks scam surge: how to protect your business

Catherine Chipeta

A recent global IT outage caused by cyber security firm CrowdStrike has left millions of computers offline as tech teams worldwide grapple with the fallout. 

While reports of data breaches related to the CrowdStrike outage have yet to surface, the situation has created opportunities for scammers to attempt to access data through social engineering and phishing schemes targeting affected users.

Here’s what you need to know about the incident and how to protect your organisation from potential scams.

Key points

  • CrowdStrike’s software update triggered a widespread outage.
  • Scammers are using fake websites and phishing attempts to target affected users.
  • Government agencies have issued warnings and advice for consumers and businesses.
  • Finance leaders should be on high alert for potential scams and implement protective measures.

How did the outage occur?

The outage stemmed from an issue in a single content update for CrowdStrike’s Falcon sensor, impacting Windows operating systems. As of now, there have been no reports of data breaches directly resulting from or causing the CrowdStrike outage.

Unlike the recent AT&T data breach, the incident appears to be a technical issue rather than a security breach. CrowdStrike’s official communications have focused on the content update problem and its resolution, without mentioning any data compromise.

While CrowdStrike has deployed a fix, the incident has created an opportunity for cybercriminals to exploit the situation.

CrowdStrike outage: navigating the aftermath

CrowdStrike Intelligence reported that threat actors are “Sending phishing emails posing as CrowdStrike support to customers” and “impersonating CrowdStrike staff in phone calls.” Other reported malicious activity includes:

  • Phishing emails posing as CrowdStrike support
  • Phone calls from individuals impersonating CrowdStrike staff
  • Fake websites mimicking CrowdStrike’s official site
  • Unofficial code and scripts claiming to aid recovery

Governments step in: scam attempts and warning signs

Several government agencies have taken action in response to the CrowdStrike outage:

Australian Government response

In an advisory, the Australian Cyber Security Centre (ACSC) warned “a number of malicious websites and unofficial code are being released claiming to help entities recover from the widespread outages caused by the CrowdStrike technical incident.” It strongly encouraged “all consumers to source their technical information and updates from official CrowdStrike sources only.”

Home Affairs Minister Clare O’Neil cautioned: “I would like to ask Australians to be really careful and be really on the lookout for attempts to use this to scam Australians and to scam small businesses.”

“If you see an email. If you see a text message that looks a little bit funny, that indicates something about CrowdStrike or IT outages, just stop. Don’t put in any details.”

US Government response

In the US, the Cybersecurity and Infrastructure Security Agency (CISA) has been actively monitoring the situation and providing regular updates. According to its advisory, CISA has observed threat actors taking advantage of this incident for phishing and other malicious activity. It urges “organisations and individuals to remain vigilant and only follow instructions from legitimate sources.”

Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, provided further insights, reporting that the US government had been assessing the impact of the outage on all critical infrastructure sectors.

“We’re working first to assess what’s the impact on U.S. government critical services, second, to assess sector by sector what’s the impact to power in the country, to hospitals in the country, to 911 systems, the national suicide hotline,” said Neuberger.

Neuberger also confirmed that she had spoken directly with CrowdStrike CEO George Kurtz, who assured her that the outage was not due to a “security incident or cyberattack.”

Protecting your organisation

To safeguard against potential scams, authorities recommend:

  • Source information only from official CrowdStrike channels
  • Be wary of unsolicited communications requesting software downloads or remote access
  • Verify the identity of anyone claiming to offer assistance

Lessons for finance leaders

This incident highlights the importance of robust cybersecurity measures and scam awareness. Finance leaders should:

While no data breach has been confirmed, the full impact of the incident may still be unfolding. Finance leaders should remain vigilant and continue to monitor official CrowdStrike communications for any updates regarding data security.
