Exploiting Chaos: Malicious Actors Take Advantage of CrowdStrike Outage
In a world still recovering from a global travel and business gridlock caused by a recent outage at cybersecurity giant CrowdStrike, another threat emerges. Malicious actors are capitalizing on the situation to carry out cyberattacks and scams for their own gain. The U.S. cybersecurity agency CISA has issued a warning, stating that it has already observed threat actors engaging in phishing and other malicious activities amidst the chaos.
Phishing emails and suspicious links are among the primary means by which these malicious actors are targeting individuals. Such campaigns can be easily created and customized at short notice, making them a preferred choice for cybercriminals. One security researcher reported that phishing emails impersonating CrowdStrike were already in circulation. These emails falsely claimed to offer solutions to the “CrowdStrike apocalypse” in exchange for a fee paid to a random crypto wallet. However, the only viable fixes at the moment involve either repeatedly restarting affected computers or manually removing the defective file from each impacted device.
Beyond phishing, criminals are also leveraging the outage as cover to deceive victims into sharing passwords and sensitive information. Rachel Tobac, a social engineering expert and founder of cybersecurity firm SocialProof Security, warns users to exercise caution and verify the identity of individuals before taking any sensitive actions.
The outage was caused by a defective software update released by CrowdStrike, resulting in numerous Windows computers crashing. While CrowdStrike claims to have fixed the bug, the manual remediation process required for each affected computer could lead to lasting outages. CISA is working closely with CrowdStrike, as well as federal, state, local, tribal, and territorial partners, critical infrastructure entities, and international partners to address the issue.
This incident serves as a reminder of the ever-present threats in the digital landscape. Cybercriminals are relentless in their pursuit of exploiting vulnerabilities and chaotic situations. Vigilance, skepticism, and adherence to best security practices are crucial in protecting ourselves and our digital assets from these malicious actors.
