Australian News Today

Scammers will pounce on global tech outage, home affairs minister warns

Scammers will pounce on global tech outage, home affairs minister warns

In short:

Home Affairs Minister Clare O’Neil used a press conference to warn that bad actors were trying to capitalise on the global tech outages experienced on Friday afternoon.

There have already been reports of phishing scams where criminals attempt to gain access to personal information via unsolicited emails.

What’s next?

Services have begun coming back online and CrowdStrike, the company at the centre of the crash, says it is working with impacted customers whose systems have not yet been restored.

Australians have been warned scammers and hackers are trying to capitalise on CrowdStrike-triggered outages to steal personal information including bank details and to gain access to computer systems.

The unprecedented outage affected a raft of major institutions in Australia and internationally, including emergency services, government agencies, banks and airlines.

Airports across Australia were thrown into chaos as computer systems went down.(ABC News: Adam Griffiths)

Minister for Home Affairs Clare O’Neil used a press conference Saturday to warn that bad actors were already at work.

“There is something critical that I would like to ask Australians to do today, and that is be really careful and be really on the lookout for attempts to use this to scam Australians and to scam small businesses,” she said.

There had already been reports of phishing scams, where a criminal would attempt to gain access via unsolicited emails.

“Some small businesses in particular, and some individuals are receiving emails from people who are pretending to be CrowdStrike or who are pretending to be Microsoft, and are indicating you need to put in bank details to get access to a reboot.”

O’Neil asked anyone approached to report the situation to Scamwatch — a website run by the Australian Competition and Consumer Commission (ACCC).

“If someone has tried to scam you, they are trying to scam others,” she said.

Anyone who had given out banking or personal information should inform their bank immediately.

Cybersecurity expert David Cullen had already compiled a list of roughly 60 fake websites registered since outages appeared just after 2pm on Friday.

“We anticipate that list will grow exponentially over the come days,” he said.

“We are seeing cybercriminals register domains and register new websites that we believe they will use for the purpose of phishing campaigns and other online scams and fraud.”

Many of these websites contained keywords like CrowdStrike, fix, and BDOS (a tech acronym for basic disk operating system).

Loading…

Mr Cullen is a director of CISO Lens, an industry body consisting of chief security information officers and other IT workers from more than 100 corporations in Australia and New Zealand.

The list of fake websites was garnered from approaches that had been made to members’ corporate clients.

Mr Cullen said IT teams and businesses should be going straight to the source of truth for instructions, which was CrowdStrike itself or the Australian Cyber Security Centre.

Catriona Lowe wearing a black buttoned short-coat and black glasses, sitting in front of a window.

Catriona Lowe warned consumers to be wary of any unsolicited contact about the outages.(ABC News: Madeleine Morris)

The ACCC also issued similar warnings via a press release, warning of unsolicited calls, emails or messages requesting users to download a software patch or provide remote access to fix or protect their computer from the outages.

“Criminals look to take advantage of incidents like this CrowdStrike outage, creating a sense of urgency that you need to do what they say to protect your computer and your financial information,” ACCC deputy chair Catriona Lowe said.

“Downloading unsolicited software can give scammers access to your computer, including your bank accounts.”

Consumers should also be alert to unsolicited requests from individuals claiming to be from their financial institutions or other businesses requesting they update or verify their personal or financial information due to the CrowdStrike/Microsoft outage.

“Anyone can be scammed, so it is important to be wary of any unsolicited contact that purports to provide assistance in the aftermath of a major event like this,” Ms Lowe said.

CrowdStrike boss apologises

The CEO of CrowdStrike apologised for the incident in a statement released early Saturday.

A smiling man in a blue and black checkered suit with a white pocket

CrowdStrike CEO George Kurtz said the global outage was caused by a bug in an overnight update.(Supplied: CrowdStrike)

George Kurtz said the company “understands the gravity and impact of the situation”.

“I want to sincerely apologise directly to all of you for today’s outage,” Mr Kurtz said in the statement.

“We quickly identified the issue and deployed a fix, allowing us to focus diligently on restoring customer systems as our highest priority.

“We are working closely with impacted customers and partners to ensure that all systems are restored, so you can deliver the services your customers rely on.”

He said the incident was not the result of a cyber attack and the update would not impact computers’ security if the Falcon sensor is installed.

Services have begun coming back online after CrowdStrike resolved the bug but many companies are reportedly still dealing with backlogs caused by the incident.

Coles and Woolworths have this morning confirmed all stores are open for trading today, though some check-outs may continue to be affected.

A statement from the Australian Banking Association said impacts on banks and payment systems were “relatively minor, with any disruptions having already been remedied or in the process of being gradually restored”.

CrowdStrike has more than 20,000 subscriber companies around the world — one of the largest shares of the competitive security market.

Customers include Amazon and Microsoft.

Speaking to NBC’s Today Show, Mr Kurtz said not every computer running on the Windows operating system was impacted.

“These sort of things, obviously, you try to understand and mitigate them and in some cases, you have a weird interaction.

“It didn’t seem like it happened on every Windows system — there’s different versions and flavours and patch levels, if you will.”

Loading…

Posted , updated