Navigating Cyber Security Risks Post-Microsoft-CrowdStrike Outage

In the aftermath of the recent worldwide tech outage caused by a faulty software update from cybersecurity firm CrowdStrike, small businesses find themselves at increased risk.

Here are key points to consider:

Be Sceptical of Unexpected Communications: Small business owners and employers should exercise caution when encountering unexpected emails, screen pop-ups, or phone calls claiming to be from Microsoft, CrowdStrike, or other large organisations (such as banks and telcos). Scammers often exploit confusion during disruptions to deceive unsuspecting victims.

Fast, Free Cybersecurity Education: Small businesses can proactively protect themselves by completing the Cyber Wardens course. This weekend course provides basic cybersecurity education. Before acting on any unsolicited or suspicious prompts (such as requests to “reboot” or “update”), ensure you have the necessary knowledge to discern legitimate communications from potential threats.

Scamwatch.gov.au for Suspected Scams: If you suspect that you’ve been targeted by a scammer attempting to gain unauthorised access to your computer, visit Scamwatch.gov.au for guidance. Prompt reporting and awareness are crucial in preventing further damage.

Heightened Awareness After Major Outages: COSBOA CEO Luke Achterstraat warns that cyber scammers may exploit the CrowdStrike incident to target small businesses. Be wary of phishing emails or phone calls urging you to “reboot” or take action. Clicking on malicious links can compromise your system and expose sensitive information.

Source Information from Official Channels: The Australian Signal Directorate’s Australian Cyber Security Centre emphasizes the importance of obtaining technical information and updates directly from official CrowdStrike sources. Avoid relying on unverified channels during critical situations.

User Error and Digital Literacy: While the CrowdStrike outage wasn’t a deliberate cyber attack, it underscores the need for proactive measures. Basic digital knowledge gaps can leave businesses vulnerable. Ongoing education and awareness programs are essential to strengthen cybersecurity resilience.

Remember, staying informed and cautious is the first line of defence against cyber threats. Small businesses play a vital role in safeguarding their own interests and those of their clients, customers, and communities.