(Hong Kong, 26 July 2024) Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) found reports that criminals take advantage of the public awareness and reaction regarding the recent CrowdStrike software update failure incident to deploy various possible attack tactics. Those attacks, including phishing and malware attacks, continue to evolve and expand their reach.
HKCERT has observed threat actors exploit the mentioned CrowdStrike incident to launch phishing attacks. These attackers are sending phishing emails and hosting fake websites posing as CrowdStrike officials, offering fake software updates and recovery manuals that actually deliver malware. The malicious files can cause data leakage, system crashes, and data loss. For individuals and organizations, this can also result in personal data exposure, reputational damage, and financial loss.
To receive the latest attack trend that threat actors making use of the Crowdstrike software update failure incident, please visit HKCERT related phishing alert and malware alert:
For corporates and organisations, the following best practices are recommended to be adopted to maintain secure and resilient IT environment, and to minimise the impact from similar event happening in the future:
To learn more about the security advisory of CrowdStrike denial of service alert, please visit the HKCERT website for the latest news:
https://www.hkcert.org/security-bulletin/crowdstrike-denial-of-service-vulnerability_20240719
Businesses or members of the public who wish to report to HKCERT on cyber security related incidents can do so by completing the online form at: https://www.hkcert.org/incident-reporting, or call the 24-hour hotline at 8105 6060. For further enquiries, please contact HKCERT at hkcert@hkcert.org.
- Ends -
Our Services
Community
Support & Resource
HKPC Spotlights
HKPC Academy
COPYRIGHT© Hong Kong Productivity Council
FOLLOW US
SUBSCRIBE TO OUR NEWSLETTERS
Share the latest information of HKPC to your inbox
SIGNUP NOW