The scams may come in the form of a message or an email, cyber experts say. Photo: 123RF
New Zealand cyber experts are warning Kiwis to watch out for scams following Friday's CrowdStrike IT outage.
Cyber criminals have reportedly been trying to take advantage of Friday night's global IT collapse, when an update to software run by US cyber security firm CrowdStrike caused chaos, leading to cancelled flights and internet banking disruption across the world.
- Read more: Explainer: What caused the global cyber outage?
- What we know about CrowdStrike
- Global tech crash opened like a Hollywood disaster film. So how does it end?
Jordan Heersping from the National Cyber Security Centre - part of the Government Communications Security Bureau - said people should doublecheck any communications that claim to be from CrowdStrike or Microsoft.
"We have observed some increase in phishing referencing this outage. We know that malicious actors do like to make use of current events to conduct their activities against people."
The agency had seen scammers use the event for criminal acts - usually in the form of text messages or emails, Heersping said.
"It's primarily a message or an email referencing CrowdStrike support, or CrowdStrike security. It could be referencing Microsoft as well.
"They'll be asking people to provide credentials or to download some file, which the actor will use to conduct further activity."
Meanwhile, cyber security analysts CISO Lens country manager for NZ Nadia Yousef said it may take other countries longer to recover from the CrowdStrike glitch. Most internet services in New Zealand were well on the way to being restored, she said - but not all had been so lucky.
"Obviously, our friends in the US and Europe have been much more significantly affected. They have much bigger networks, much bigger companies and probably a bigger CrowdStrike footprint.
"So I think we could expect it to take longer for our international counterparts to get back up and running."
The outage was a good reminder for New Zealand organisations and the government to make sure they had a resiliency plan in place, she said.
"In this case, we're victims of our overwhelming reliance on a handful of mega-companies, and what's happened in the last day or so reflects when it goes wrong."
Meanwhile, restaurants and bars appear to have come through the outage relatively unscathed. Restaurant Association chief executive Marisa Bidois said there were delays for some customers, but there was no indication the meltdown had stopped people going out.
"We still have reports of the usual number [for] Friday night at this stage, but we'll certainly be getting more data as the days go on."
Bidois said there had been reports of businesses who had faced problems taking bank transfers as payment and "just having people signing receipts to pay the bill later".
