The recent global IT outage, instigated by a problematic software update from CrowdStrike, has inadvertently opened the floodgates for cybercriminals. As organizations across the globe grapple with the fallout from this unprecedented disruption, malicious actors are seizing the opportunity to launch phishing campaigns and disseminate malware-laden links. These criminals are targeting individuals and businesses alike, luring them into clicking on contaminated links that masquerade as legitimate updates or solutions to CrowdStrike-related issues.
Massive Outage Touches Every Aspect of Life
From airlines and banks to grocery stores and emergency services, virtually every organization reliant on Windows computers equipped with CrowdStrike Falcon is feeling the impact of this tech tsunami. In the midst of this chaos, criminals are attempting to exploit the situation by offering fake assistance, which often comes with a hidden agenda.
Homeland Security Issues Alert About Threat Actors
The Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) is closely monitoring this surge in online criminal activity, which presents a secondary threat to the American public. CISA has issued a statement urging vigilance: “CISA has observed threat actors taking advantage of this incident for phishing and other malicious activity. We recommend that organizations and individuals remain cautious and only follow instructions from verified sources. It is crucial to remind employees to avoid clicking on suspicious emails or links.”
The outages began at 1:20 a.m. ET on Friday, coinciding with CrowdStrike’s rollout of a flawed update to its Falcon security product. This led to widespread system failures, with screens freezing on the infamous “blue screen of death.”
How to Protect Against Threat Actors
- Avoid clicking links in any communication related to the CrowdStrike or Windows disruption.
- Be prepared for digital storms by investing in robust antivirus protection. This is essential for safeguarding against malicious links that could install malware and compromise your private information. Consider exploring the best antivirus solutions for 2024 to ensure your devices are protected.
- Utilize official sources for addressing security incidents like this one.
CrowdStrike’s CEO, George Kurtz, has acknowledged the severity of the situation, expressing regret for the disruption caused. In a recent statement, he emphasized the company’s commitment to assisting affected customers in restoring their systems and services.
How to Recover from the ‘Blue Screen of Death’ Outage
In response to the widespread issues, CrowdStrike is working diligently to deploy a previous version of its Falcon software. For those experiencing difficulties with their Windows PCs or laptops, the company has outlined several workaround steps:
- Reboot the host to allow it to download the reverted channel file. If the host crashes again, proceed to the next step.
- Boot Windows into Safe Mode or the Windows Recovery Environment. Note: Connecting the host to a wired network instead of Wi-Fi and using Safe Mode with Networking may facilitate remediation.
- Navigate to the %WINDIR%System32driversCrowdStrike directory.
- Locate the file named “C-00000291*.sys” and delete it.
- Boot the host normally.
It is important to note that Bitlocker-encrypted hosts may require a recovery key for access.