The global CrowdStrike IT outage unleashed chaos when it grounded planes, disrupted hospital appointments and forced shops to close – but a targeted hit by hackers could be even worse, experts say
Experts have warned that hackers could wreak havoc across the world with even worse effects than yesterday’s global IT outage.
CrowdStrike chief executive George Kurtz said he was “deeply sorry” after a faulty update from the cybersecurity firm grounded planes, forced medical appointments to be cancelled, and stopped payments around the world on Friday. The impact continued to be felt on Saturday despite a fix being sent out – and the CEO admitted it could take “some time” before all affected devices are restored to normal.
The issue began after the cyber security team at CrowdStrike pushed out a new update to its systems that inadvertently put cloud connected Microsoft PCs into a crash loop. Public bodies and private companies around the world found themselves suddenly dealing with glitching computers on crucial parts of their networks, causing huge problems in the invisible supply chains that usually operate quietly in the background of everyday life.
CrowdStrike’s global crash was a mistake – if a costly one – but a hacker could cause even more devastating trouble for the world if they were to take down these systems on purpose in a targeted attack, according to technology experts. Martin Jartelius, Chief Security Officer at Outpost24, told the Sun: “If an attacker had backdoored such an update to open systems to attacks or to encrypt them, the exact same systems would have been impacted. This is why supply chain attacks and defence has been increasingly important.”
Meanwhile, cybercrime experts are warning that Friday’s incident could open the door to a new wave of terrifying scam attacks – and told members of the public to be especially wary of anyone contacting you claiming to be from a major company over the next few days. Antivirus provider McAffee said if you are approached online or over the phone and asked to send money, use cryptocurrency, or purchase gift cards, proceed with extreme caution as these are common indicators of a scam.
It also advised to always question the source of a potential scam call. If you receive a call or message that raises suspicion, take steps to verify the caller’s identity, as cybercriminals have access to voice cloning tools and other tricks to spoof phone numbers so that they look legitimate. Even if it’s a voicemail or text from a number you recognise, you can always hang up and call the person or business directly or try to verify the information before responding.
Oliver Devane, Senior Security Researcher at the global cybersecurity company, McAfee, said yesterday: “While it has been confirmed that today’s Microsoft outage is not due to a security incident or cyberattack, we have observed that opportunistic scammers are attempting to exploit the situation.
“Scammers may seek to conduct phishing attacks on people looking to reschedule delayed or cancelled flights, while those experiencing banking issues may be vulnerable to voice or message scams from cybercrooks pretending to be from their bank too. Therefore, we are urging everyone to remain vigilant to ensure they protect their personal information and data.”
