Cybersecurity professionals and organizations around the world are warning of a surge of opportunistic hacking attempts linked to the IT outage.

While there is no evidence that the CrowdStrike outage was caused by malicious activity, some bad actors are trying to exploit the situation.

Authorities in the UK and Australia are warning the public to be wary of fraudulent emails, phone calls, and websites posing as legitimate entities.

George Kurtz, the CEO of CrowdStrike, urged users to make sure they are dealing with genuine company representatives before downloading any fixes.

“We know that adversaries and bad actors will try to exploit events like this,” he said in a blog post.

“Our blog and technical support will continue to be the official channels for the latest updates.”

Troy Hunt, a cybersecurity expert who operates the popular Have I Been Pwned security website, echoed Kurtz's warning.

“An incident like this that has commanded so many headlines and has people worried is a gift to scammers,” he said.

Hunt was responding to a notice from the Australian Signals Directorate (the ASD, Australia's counterpart to the UK’s GCHQ or the US’s National Security Agency), which had issued an advisory about hackers distributing counterfeit software patches falsely claiming to be from CrowdStrike.

“Alert! We understand a number of malicious websites and unofficial code are being released claiming to help entities recover,” the notice reads.

The organization is advising IT responders to use only CrowdStrike's website for information and assistance.

The ASD's warning comes after the UK's National Cyber Security Centre (NCSC) issued a warning on Friday, urging individuals to remain highly vigilant against suspicious emails or calls impersonating CrowdStrike or Microsoft support.

“An increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation,” the agency said.

Fear and uncertainty

Hackers always adapt their methods in response to major news events, particularly those related to technology, in order to exploit the resulting fear and uncertainty.

This was evident during the Covid-19 pandemic, as hackers modified their phishing tactics to exploit the situation and target individuals and organizations.

Given the widespread coverage of the IT outage, it is likely that hackers will seek to take advantage of the situation.

Researchers at Secureworks have reported a significant increase in CrowdStrike-themed domain registrations. This surge indicates that hackers are creating new websites designed to appear legitimate, with the intention of deceiving IT managers or the general public into downloading harmful software or disclosing private information.

The guidance is aimed primarily at IT managers who are dealing with the impact of this situation while working to restore their organizations' online presence.

However, individuals may also become victims, so experts advise staying vigilant and relying only on information provided through official CrowdStrike channels.