20 July 2024
Update: 22 July 2024
CrowdStrike continue to release further advice and guidance on the widespread IT outage.
The NCSC encourages New Zealand organisations to review the CrowdStrike guidance available at Falcon Content Update Remediation Guidance Hub and continue applying updates and patching software.
Falcon Content Update Remediation Guidance Hub External Link
Technical details and advice have been released for those who want to understand the root cause analysis to determine how the error occurred.
CrowdStrike technical details and advice External Link
Microsoft have published a blog that helps customers through this outage and provides an update on the steps taken with CrowdStrike and others to remediate and support those impacted. Microsoft have also released a recovery tool to help Windows endpoints which includes using a USB drive to boot and repair affected systems.
Microsoft blog: Helping our customers through the CrowdStrike outage External Link
Microsoft recovery tool External Link
There continues to be an increased risk of phishing as cyber threat actors continue to leverage the outage to conduct malicious activity. There are also reports of malicious websites and unofficial code being released. The NCSC encourages organisations to remain alert to this activity and to only source technical information from official sources.;
20 July 2024
An IT outage following an update made by CrowdStrike software has caused significant disruption globally.
This update resulted in outages in windows systems.
The issue has been identified, isolated and the vendor has released remediation guidance for customers, available via their CrowdStrike Customer Portal which will be updated as the situation evolves.
We encourage New Zealand organisations that have been impacted by this disruption to review the guidance issued by the vendor and act immediately.
Statement on Falcon Content Update for Windows Hosts | CloudStrike External Link
The NCSC has no information to indicate these issues are related to malicious cyber security activity.
However, there has been an observed increase in phishing referencing this outage as opportunistic malicious cyber actors seek to take advantage of the situation.
We encourage organisations and individuals to be alert to this increased activity. Helpful resources to protect against phishing are available below.
Email Scams | Own Your Online External Link
Phishing Scams for Organisations | Own Your Online External Link