Criminals Exploiting Massive CrowdStrike Glitch, Experts Warn

They're posing as CrowdStrike, Microsoft representatives to obtain banking information, or sending out software worms to invade systems

Tech glitch chaos
Passengers mob check-in counters at the Philippines' Ninoy Aquino International Airport in Manila amid a global IT disruption triggered by a Microsoft and CrowdStrike snafu. Photo by Ezra Acayan/Getty Images

The colossal CrowdStrike tech snafu that shut down air travel, snarled banking and hospital systems, and tangled businesses worldwide has created fertile ground for criminal hackers who could trigger continuing major disruptions and fleece computer users, experts across the globe are warning.

Cybersecurity firm CrowdStrike said Friday that the chaos was triggered after a "defect" in one of its software updates hit Windows operating systems.

A "fix" was quickly deployed and the situation was slowly returning to normal, but many systems were still in flux Saturday, with thousands of flights, including hundreds of U.S. planes, grounded.

Continuing fallout is expected to be triggered by an army of hackers burrowing into temporarily vulnerable systems.

U.S. cybersecurity agency CISA said in a statement Friday that though the CrowdStrike outage was not linked to a cyberattack or malicious activity, it has "observed threat actors taking advantage of this incident for phishing and other malicious activity."

CISA warned individuals to "avoid clicking on phishing emails or suspicious links," which could give hackers access to their computers.

"Criminals look to take advantage of incidents like this CrowdStrike outage, creating a sense of urgency that you need to do what they say to protect your computer and your financial information," Catriona Lowe, deputy chair of Australia's Competition and Consumer Commission, noted on the government's "Scamwatch" site.

Britain's National Cyber Security Centre issued a similar message Friday, warning against "opportunistic malicious actors" already moving in to profit from the mess.

Criminals posing as representatives of CrowdStrike or Microsoft in emails or on the phone are seeking personal information, including bank account numbers, or sending fraudulent software "fixes" that are actually worms designed to invade computers and operating systems and establish control.

Australia's Minister of Home Affairs Clare O'Neil called a press conference Saturday to warn the public.

"Some small businesses in particular, and some individuals are receiving emails from people who are pretending to be CrowdStrike or who are pretending to be Microsoft, and are indicating you need to put in bank details to get access to a reboot," she explained.

"I ask Australians to be really cautious over the next few days about attempts to use this for scamming or phishing," O'Neil added.

"If you see an email, if you see a text message that looks a little bit funny, that indicates something about CrowdStrike or IT outages, just stop. Don't put any details."

Experts warned that only CrowdStrike's website should be used for information and help as those affected by the glitch work to get up and running again.
