Microsoft CrowdStrike Software Update leading to Phishing Attacks

A couple of weeks ago, an IT outage hit Microsoft Windows 10 and 11 servers shortly after CrowdStrike released a Falcon Sensors software update. Rather than resolving issues, the update turned out to contain a software bug, affecting over 8.2 million PCs and servers globally.

The disruption, initially caused by the software update, has since been exploited by hackers, who are using it as a pretext to launch phishing attacks.

The Computer Emergency Response Team (CERT) of India has issued a worldwide alert, warning that CrowdStrike Threat Monitoring software users are being targeted in a phishing scam. Thousands in India and potentially millions worldwide are at risk.

CERT-India’s advisory, released last Saturday, cautions Windows 10 and 11 users to be vigilant against phishing attempts. Hackers are posing as CrowdStrike support staff through phone calls, emails, or SMS messages. Their goal is to infiltrate networks, gather intelligence, or deploy malware, exacerbating the IT crisis that began with the Microsoft outage on July 19, 2024.

CrowdStrike is grappling with a loss of trust, customer migration, and other business challenges following the incident. If customers fall victim to these phishing attacks, it could further damage the company’s reputation and financial stability, potentially leading to significant losses and a severe impact on this year’s profits.

To protect against these threats, it’s crucial to verify the identity of anyone claiming to be IT support before taking any action. Additionally, raising awareness among employees about these phishing schemes is essential to mitigate potential damage.

It’s worth noting that CERT-India’s warning coincides with media speculation about the hacking group USDoD allegedly leaking data from CrowdStrike’s servers earlier this year.

In response, John Cable, Microsoft’s VP of Program Management, has stressed the importance of end-to-end resilience. Microsoft plans to restrict kernel access for security software by focusing on alternatives like Azure Attestation Service and VBS Enclave—measures similar to those Apple implemented for macOS in 2020. Additionally, Microsoft has hired over 5,000 support engineers to help affected organizations recover from the outage, aiming to enhance its service levels by 100% by the first week of August 2024.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security