Microsoft has revealed how many devices it says were affected by a global IT outage linked to a software update from cybersecurity firm CrowdStrike.
Friday’s update caused system glitches that grounded flights, took broadcasters off the air and left customers unable to access services such as healthcare or banking.
“We currently estimate that “The attack affected 8.5 million Windows devices, or less than one percent of all Windows machines,” Microsoft said in a blog post on Saturday.
“While the percentage was small, the broad economic and societal impact reflects the use of CrowdStrike by enterprises that manage many mission-critical services.
CrowdStrike helped develop a solution that would help Microsoft’s Azure infrastructure find a solution faster, Microsoft said. Microsoft worked with Amazon Web Services and Google Cloud Platform, sharing information about the impact Microsoft was seeing in the industry.
Warnings for scams after outage
Cybersecurity agencies around the world, and even CrowdStrike CEO George Kurtz, are warning businesses and individuals about new phishing attacks in which malicious parties pose as CrowdStrike employees or other technical specialists offering help in resolving the outage.
“We know that adversaries and malicious actors will attempt to exploit these types of events,” Kurtz said in a statement.
“I encourage everyone to remain vigilant and ensure you contact official CrowdStrike representatives.”
Home Secretary Clare O’Neil said any emails or phone calls from strangers claiming to be from CrowdStrike or offering to help you reboot your system should be treated as suspicious.
“If someone called you and said they were going to help you, or help you reboot your system, I would hang up the phone,” she told reporters in Melbourne on Saturday.
Australia’s intelligence agency, the Australian Signals Directorate, is also warning people about hackers spreading malicious websites and code that are supposed to fix the outage.
If you suspect you have been scammed, contact your bank and report the incident to Scamwatch.