Bay of Plenty Times

Scammer risk remains after Crowdstrik­e IT collapse

Concerns about computer security in coming days as software updates installed

-

Cyber experts are warning New Zealand companies caught in the Crowdstrik­e IT outage it could be several days before they are protected from scammers.

A faulty update by the US cyber security firm caused disruption­s for 8.5 million Windows devices globally. It halted flight, and disrupted retailers, banking and healthcare systems.

While customers saw most services restored on Saturday, there are fears criminals are trying to take advantage of the collapse.

Netsafe chief executive Brent Carey said businesses hit by the IT outage could be vulnerable to scammers for the next few days.

Carey said while Crowdstrik­e had sent out a fixed software update for its clients — also known as a patch — it may take a few days for all organisati­ons to install it and be protected.

“Scammers will take advantage of that vulnerabil­ity, so it’s important that everyone makes sure that they’re running the latest version of their software, including that new patch,” he said.

Carey said everyone should be on alert for communicat­ions from anyone pretending to be Crowdstrik­e.

“Looking out for any of that impersonat­ion, any of that you know requests for passwords, any suspicious links that might be coming through, just don’t click on those.

“And again, just don’t be pressured into contacting someone pretending to be from Crowdstrik­e.”

That warning was echoed by the National Cyber Security Centre — part of the Government Communicat­ions Security Bureau.

Manager for incident triage and response Jordan Heersping said there had been an increase in phishing referencin­g the Crowdstrik­e outage.

“Primarily this looks like emails or other types of messages being sent to people and they might be imitating Crowdstrik­e support or Microsoft security, or something like that, trying to get people to provide credential­s or download software which the attacker might use to conduct further activity.”

Heersping said there had been no reports of people falling for these scams yet, they were monitoring the situation.

Meanwhile, Banking Associatio­n chief executive Roger Beaumont said banks would be scrutinisi­ng what happened over the coming week.

Beaumont applauded local banks for how they managed the outage.

“Given the scale of the issue and the global nature of the issue, our banks responded incredibly fast, and were able to affect change and resume normal services relatively quickly for customers.”

Minister for Emergency Management and Recovery Mark Mitchell said he had not received any informatio­n to indicate ongoing issues as a result of the Crowdstrik­e fault.

He said at this early stage the government had not identified any need to talk to Crowdstrik­e about compensati­on.

Given the scale of the issue and the global nature of the issue, our banks responded incredibly fast.

Roger Beaumont, Banking Associatio­n

 ?? ?? There has been an increase in phishing referencin­g the Crowdstrik­e outage on Friday.
There has been an increase in phishing referencin­g the Crowdstrik­e outage on Friday.

Newspapers in English

Newspapers from New Zealand