An error message with a blue screen appeared on a PC screen running Microsoft windows 10 following a faulty update to the CrowdStrike company s cybersecurity software. Photo: SEBASTIEN LAPEYRERE / AFP
Cyber experts are warning New Zealand companies caught in the CrowdStrike IT outage it could be several days before they are protected from scammers.
A faulty update by the US cyber security firm caused disruptions for 8.5 million Windows devices around the globe. It halted flight, and disrupted retailers, banking and healthcare systems.
While customers saw most services restored on Saturday, there are fears criminals are trying to take advantage of the IT collapse.
NetSafe chief executive Brent Carey said businesses hit by the IT outage could be vulnerable to scammers for the next few days.
He said while CrowdStrike has sent out a fixed software update for its clients - also known as a patch - it may take a few days for all organisations to install it and be protected.
"Scammers will take advantage of that vulnerability, so it's important that everyone makes sure that they're running the latest version of their software, including that new patch," he said.
Carey said everyone should be on alert for communications from anyone pretending to be CrowdStrike.
"Looking out for any of that impersonation, any of that you know requests for passwords, any suspicious links that might be coming through, just don't click on those.
"And again, just don't be pressured into contacting someone pretending to be from CrowdStrike."
That warning was echoed by the National Cyber Security Centre - part of the Government Communications Security Bureau.
Manager for incident triage and response Jordan Heersping said there had been an increase in phishing referencing the CrowdStrike outage.
"Primarily this looks like emails or other types of messages being sent to people and they might be imitating CrowdStrike support or Microsoft security, or something like that, trying to get people to provide credentials or download software which the attacker might use to conduct further activity."
Heersping said there had been no reports of people falling for these scams yet, they wer monitoring the situation.
Meanwhile, Banking Association chief executive Roger Beaumont said banks would be scrutinising what happened over the coming week.
Beaumont applauded local banks for how they managed the outage.
"Given the scale of the issue and the global nature of the issue, our banks responded incredibly fast, and were able to affect change and resume normal services relatively quickly for customers."
Minister for Emergency Management and Recovery Mark Mitchell said he had not received any information to indicate ongoing issues as a result of the CrowdStrike fault.
He said at this early stage the government had not identified any need to talk to CrowdStrike about compensation.
