Các chuyên gia an ninh mạng và cơ quan trên toàn thế giới đang cảnh báo người dùng về một loạt các vụ hack cơ hội liên quan đến sự cố IT. Mặc dù không có bằng chứng nào cho thấy sự cố của CrowdStrike là do các hoạt động độc hại, một số tác nhân xấu đang cố gắng lợi dụng tình hình. Các cơ quan an ninh mạng tại Anh và Úc đều cảnh báo người dân cần cẩn thận với các email giả mạo, cuộc gọi và trang web giả mạo. George Kurtz, người đứng đầu của CrowdStrike, khuyến khích người dùng đảm bảo họ đang nói chuyện với các đại diện chính thức của công ty trước khi tải xuống bản vá. “#globalcybersecurity #scammers #Covid-19phishing #hackers #CrowdStrike”
Nguồn: https://www.bbc.com/news/articles/cq5xy12pynyo
Cyber-security experts and agencies around the world are warning people about a wave of opportunistic hacking attempts linked to the IT outage.
Although there is no evidence that the CrowdStrike outage was caused by malicious activity, some bad actors are attempting to take advantage.
Cyber agencies in the UK and Australia are warning people to be vigilant to fake emails, calls and websites that pretend to be official.
And CrowdStrike head George Kurtz encouraged users to make sure they were speaking to official representatives from the company before downloading fixes.
“We know that adversaries and bad actors will try to exploit events like this,” he said in a blog post.
“Our blog and technical support will continue to be the official channels for the latest updates.”
His words were echoed by cybersecurity expert Troy Hunt, who runs the well-known Have I Been Pwned security website.
“An incident like this that has commanded so many headlines and has people worried is a gift to scammers,” he said.
Mr Hunt was responding to a warning from the Australian Signals Directorate (known as the ASD, the equivalent of the UK’s GCHQ or the US’s National Security Agency) which issued an alert about hackers sending out bogus software fixes claiming to be from CrowdStrike.
“Alert! We understand a number of malicious websites and unofficial code are being released claiming to help entities recover,” the notice reads.
The agency is urging IT responders to only use CrowdStrike’s website to source information and help.
The ASD warning follows calls from the UK’s National Cyber Security Centre (NCSC) on Friday for people to be hyper vigilante of suspicious emails or calls that pretend to be CrowdStrike or Microsoft help.
“An increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation,” the agency said.
Whenever there is a major news event, especially one linked to technology, hackers respond by tweaking their existing methods to take into account the fear and uncertainty.
We saw the same with the Covid-19 pandemic when hackers adjusted their phishing email attacks to offer information about the virus and even pretend to have an antidote in order to hack people and organisations.
Because the IT outage has been a global news story we are seeing hackers capitalise.
According to researchers at Secureworks, there has already been a sharp rise in CrowdStrike-themed domain registrations – hackers registering new websites made to look official and potentially trick IT managers or members of the public into downloading malicious software or handing over private details.
The advice is mainly for IT managers who are the ones being affected by this as they try to get their organisations back online.
But individuals too might be targeted, so experts are warning to be cautious and only act on information from the official CrowdStrike channels.
