Anyone who was out shopping or trying to catch a plane last Friday afternoon (the 19th of July) will know that a serious and widespread computing outage was wreaking havoc on all kinds of services. The CrowdStrike Outage, named after the company responsible, is being called the biggest outage in IT history. Surprisingly, it was not caused by a coordinated attack, as was initially feared, but by a bad update, which appears to have slipped through without being tested.
CrowdStrike has a security product called Falcon, which is integrated into the security systems of Microsoft computers at many large companies and organisations like banks, supermarkets, and airports. The update caused these computers to display the infamous BSOD error (Blue Screen Of Death), which prevented them from receiving the fix that was rolled out by CrowdStrike. This meant that every computer suffering from this bad update (8.5 million around the world) had to be individually addressed by the local IT staff. And in the meantime, customers with trolleys full of groceries, and people waiting for planes or trying to buy petrol, were entirely out of luck. It's being compared to the kind of disruption that was theorised about in the Y2K scenario. For more of the technical details, check out this article from Tech Target.
The reason I'm writing a blog about this today is that scammers are already exploiting the uncertainty about this event to legitimise their claims. Yesterday we had a long-term client come in who had been scammed out of several thousands of dollars, and part of the reason they succeeded in convincing her to let them into her computer was that she herself was in a shop trying to make a purchase when the computers went down. Her transaction didn't work initially, and the shop staff member tried to put it through again. The scammers told her that her bank accounts had been compromised in the CrowdStrike event and that they needed access to them in order to track the movements of these fictional hackers, and she found this plausible due to her own experience. So I want to make it clear to everyone that your bank accounts have not been compromised by the CrowdStrike outage, and anyone trying to claim this is looking to steal from you. The outage was caused by incompetence and hubris; it was not malicious, and it won't have any impact on your computer. Please do not provide remote access to your computer to a stranger who has cold-called you, and do not give any person access to your internet banking, ever.