Experts Alert Hacking Attempts Surge Amid IT Outage Crisis

News Today: Experts alert hacking attempts after IT outage

Cyber-security experts and agencies worldwide are warning of opportunistic hacking attempts linked to the recent IT outage. Although there is no evidence that the CrowdStrike outage was caused by malicious activity, bad actors are exploiting the situation.

Cyber agencies in the UK and Australia are urging people to be vigilant about fake emails, calls, and websites pretending to be official. CrowdStrike’s head, George Kurtz, advised users to ensure they communicate with official representatives before downloading fixes. “We know that adversaries and bad actors will try to exploit events like this,” Kurtz told reporters, emphasizing that the company’s blog and technical support remain the official channels for updates.

Cybersecurity expert Troy Hunt, who runs the Have I Been Pwned website, warned that such incidents are a gift to scammers. Hunt responded to a warning from the Australian Signals Directorate (ASD), which alerted users about hackers sending bogus software fixes claiming to be from CrowdStrike. The ASD notice urged IT responders to rely solely on CrowdStrike’s website for information and help.

The UK’s National Cyber Security Centre (NCSC) also called for heightened vigilance against suspicious emails or calls pretending to be from CrowdStrike or Microsoft. “An increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation,” the agency stated.

Hackers are capitalizing on the fear and uncertainty caused by the IT outage, tweaking their methods to exploit the situation. Researchers at Secureworks have observed a sharp rise in CrowdStrike-themed domain registrations, with hackers creating new websites designed to look official, tricking IT managers and the public into downloading malicious software or revealing private details.

Experts advise IT managers, who are primarily affected, to be cautious and act only on information from official CrowdStrike channels. Individuals are also warned to stay vigilant.