The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) has identified that criminals are exploiting public awareness and reactions to the recent CrowdStrike software update failure to deploy various attack tactics. These attacks, including phishing and malware campaigns, continue to evolve and expand.
Reports
HKCERT has observed that threat actors are using the CrowdStrike incident as a pretext for phishing attacks. They are sending fraudulent emails and creating fake websites that impersonate CrowdStrike officials, offering bogus software updates and recovery manuals that actually deliver malware. These malicious files can lead to data leakage, system crashes, and data loss. For individuals and organizations, this can also result in personal data exposure, reputational damage, and financial loss.
What to do
Corporates and organisations are recommended to adopt the following best practices to maintain a secure and resilient IT environment, and to minimise the impact of similar events in the future:
Adopt vendor management and build transparency with vendors, and stay vigilant to supply chain attacks
Where possible, avoid relying solely on a single technology, solution or vendor, to minimise single points of failure
Apply security risk assessment to IT systems and applications, and evaluate the impact of third-party risks at both the operating system and application levels
Apply change management and configuration management to IT systems and applications, include application testing and verification in deployment steps, and prepare a fallback plan prior to proceeding with a patch update
Develop a Business Continuity Plan (BCP) to maintain the business in case an incident occurs and affects the business’s IT environment
Arrange and perform incident response and disaster recovery drills regularly to verify the effectiveness of the BCP
Develop an incident response plan for IT systems and applications, referring to HKCERT’s “Incident Response Guideline for SMEs”
Review application software privileges in IT systems periodically. Maintain least-privilege practices to minimise the impact of application software failure
Source: HKCERT
The post Public and Organizations Urged to Boost Cyber Resilience first appeared on IT News Africa | Business Technology, Telecoms and Startup News.