Blog
/
The CrowdStrike Outage Highlights the Need for Multi-Layer Business Cybersecurity

The CrowdStrike Outage Highlights the Need for Multi-Layer Business Cybersecurity

A wave of opportunistic cyber scammers and phishers pounced into action following the mass CrowdStrike outage. Businesses must protect themselves across all attack vectors.

The mass disruption caused by a buggy CrowdStrike update paved the way for widespread chaos—some of which still remains days after the event. 

The outage from one of the world’s largest cybertech providers disrupted core operations for many large—and critical—companies, impacting the lives of millions of people in the process (thousands of flight cancellations, notably, took place in a single day). 

CrowdStrike quickly deployed an update to address the issue, just as opportunistic cybercriminals quickly sprung into action.

A cybercriminal feast

Phishers quickly capitalized on the confusion by posing as CrowdStrike support representatives and requesting sensitive information under the guise of resolving the outage issues. Many of these scams contain malicious links masqueraded via “typosquatting” (i.e., using URLs similar to legitimate sites, but just slightly off). In a recent blog, the company recommended that “organizations ensure they are communicating with CrowdStrike representatives through official channels.”

Phishers quickly capitalized on the confusion by posing as CrowdStrike support representatives and requesting sensitive information under the guise of resolving the outage issues.

Signs that you may have fallen victim to these scams include unusual account activity and unfamiliar login locations following requests for personal information. If you suspect you've been targeted, immediately change your passwords, monitor your accounts for suspicious activity, and report the incident to your IT department, cybersecurity provider, or CrowdStrike themselves.

CrowdStrike has been a reliable security vendor for more than a decade. However, the recent issues show the need for businesses to protect themselves—and their customers—with a holistic, multifaceted approach across all digital fronts. 

The need for a holistic cyber approach

Opportunistic criminals are poised to pounce on any moment of mass confusion. It is crucial that businesses take a multi-layer approach to security that takes on the Application and User levels, both of which can be addressed by tools in the Upfort Shield platform.

Application-layer defense

Shield is informed by a Consolidated Threat Database, which is continuously updated with global cybercrime data to surface users and websites that aren’t what they seem. 

This digital intel helps power Inbox Defender, which uses advanced AI to identify phishing scams and alert users in real-time if an email sender isn’t who they say they are. Similarly, Shield’s Browser Firewall taps Upfort’s CTD to alert users to known malicious websites before they enter.

User-layer defense

Upfort’s Cyber University provides comprehensive cybersecurity training for employees to empower them to identify scams and address vulnerabilities. Upfort’s in-house team of security experts is always adding new interactive learning modules to address the latest cyber threats. 

This proactive approach ensures that companies can defend against phishing scams and other cyber threats effectively. 

Insurance layer

You can never 100% avoid events like the CrowdStrike outage, but you can take measures to keep your business safe. It may seem strange to consider insurance as a form of cybersecurity, but if the goal is to keep your business operating in a world that will always have cybercrime, resilience can be just as important as prevention. There are a lot of unwitting cyber victims out there, who wish they had coverage in the event of a crime. 

By staying vigilant and proactive, businesses can navigate the challenges posed by service outages and protect their sensitive information from cybercriminals.

Sign up for our newsletter

Subscribe