- Posted July 20, 2024
Update: 22 July 2024
CrowdStrike continue to release further advice and guidance on the widespread IT outage.
The NCSC encourages New Zealand organisations to review the CrowdStrike guidance available at Falcon Content Update Remediation Guidance Hub(external link) and continue applying updates and patching software.
Technical details and advice have been released(external link) for those who want to understand the root cause analysis to determine how the error occurred.
Microsoft have published a blog(external link) that helps customers through this outage and provides an update on the steps taken with CrowdStrike and others to remediate and support those impacted. Microsoft have also released a recovery tool(external link) to help Windows endpoints which includes using a USB drive to boot and repair affected systems.
There continues to be an increased risk of phishing as cyber threat actors leverage the outage to conduct malicious activity. There are also reports of malicious websites and unofficial code being released. The NCSC encourages organisations to remain alert to this activity and to only source technical information from official sources.
Initial Alert: 20 July 2024
An IT outage following an update made by CrowdStrike software has caused significant disruption globally.
This update resulted in outages in windows systems.
The issue has been identified, isolated and the vendor has released remediation guidance for customers, available via their CrowdStrike Customer Portal which will be updated as the situation evolves.
We encourage New Zealand organisations that have been impacted by this disruption to review the guidance issued by the vendor(external link) and act immediately.
The NCSC has no information to indicate these issues are related to malicious cyber security activity.
However, there has been an observed increase in phishing referencing this outage, as opportunistic malicious cyber actors seek to take advantage of the situation.
We encourage organisations and individuals to be alert to this increased activity. Helpful resources to protect against phishing are available below.