Organized cybercriminal gangs have lost little time in attempting to cash in on the ongoing CrowdStrike/Windows outage affecting banks, airlines and businesses.
According to the UK’s National Cyber Security Centre: “An increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation. This may be aimed at both organizations and individuals.”
The SANS Technology Institute in the US also warns: “There may be phishing emails circulating claiming to come from ‘Crowdstrike Support’ or ‘Crowdstrike Security’… attackers are likely leveraging the heavy media attention. Please be careful with any ‘patches’ that may be delivered this way.”
Companies are being advised to ensure that multi-layer phishing mitigations are in place, while individuals should be alert to suspicious emails or messages on this topic and informed about what to look out for.
“Businesses are only as secure as their weakest link. Not only is employee cybersecurity training a necessity, but businesses should also carefully evaluate any third-party platforms to ensure they adhere to the same level of security,” says Zarik Megerdichian, founder and CEO of the cybersecurity company Loop8.
The Windows outage struck on Friday and has already resulted in delayed and canceled flights and mega-queues at many international airports, while also affecting banks and businesses in the US, Europe, and India. CrowdStrike, valued at US$84 billion before the outage, was calculated to have 24 percent of the endpoint-protection market.
CrowdStrike comes in for heavy criticism
However, the company is now facing heavy criticism in the wake of the Windows meltdown, which may lead to wider criticism of the cybersecurity sector from the business world.
According to Yashin Manraj, CEO of business consultancy Pvotal Technologies: “CrowdStrike’s recent software update debacle exposed a critical flaw in its operational approach…a critical lack of automation, safeguards, and checks and balances in their release management systems.”
“Unlike established IT infrastructure providers like AWS, Google, and Microsoft, CrowdStrike has no robust automated management and rigorous testing procedures for code updates, which could have easily prevented one of the most significant disruptions to civilian infrastructure in the past decade,” added Manraj.