Security Alert: Global Crowdstrike Outage

At-Bay Security is monitoring the unfolding system outage that has been reported by CrowdStrike, and we are working with customers that may be impacted directly or indirectly by related outages. Additionally, At-Bay has become aware of attempts by cyber threat groups to perform social engineering attacks by contacting businesses posing as CrowdStrike representatives in order to offer technical support. Their intent appears to be to exploit potential victims of the system outage in order to gain sensitive information such as login credentials or to convince them to unwittingly install malware.

At this time, social engineering attempts appear to be opportunistic, since they are impacting organizations that don’t have CrowdStrike products deployed in addition to those that do. However, any company that is publicly known to be experiencing a system outage concurrent with the CrowdStrike outage may be assumed to be running a CrowdStrike product by attackers. So, companies that have reported an outage to their stakeholders might be targeted as news of their situation becomes public.

If you or a member of your organization are contacted by an unknown person offering support related to the CrowdStrike outage, we recommend that you verify their identity with a known individual (e.g., your assigned CrowdStrike account representative or a known representative of the provider of your CrowdStrike software) before sharing sensitive information or providing access to your technology environment.

Questions about this advisory may be directed to At-Bay’s security team at security@at-bay.com.