Warning about fraud and cyber attack risks to businesses after the "blue screen" incident

DNHN - After the "Blue Screen of Death" incident on July 19, scammers and phishing-style cyber-attacks have increasingly targeted businesses, especially foreign enterprises.

On July 19, many major systems at airports, hospitals, and businesses using the Windows operating system unexpectedly encountered the "Blue Screen of Death" (BSOD). The issue was traced back to an update of Falcon Sensor software, used to protect Windows computers by cybersecurity company CrowdStrike. This event is considered one of the most serious technological incidents ever, causing a halt in operations of numerous essential services, including transportation, banking, and healthcare across multiple countries. An estimated 8.5 million computers worldwide were out of service at the time of the incident, primarily in the Americas and European countries.

Immediately following the incident, CrowdStrike provided guidance and support to customers to mitigate the aftermath. However, scammers have exploited this situation by impersonating CrowdStrike representatives to defraud businesses and infiltrate their systems. Specifically, scammers sent emails, social media messages, and even made phone calls to affected businesses, claiming to be from the cybersecurity company and offering to help resolve the issue, then demanding fees or access rights to steal data.

Carmi Levy, a technology analyst in Canada, highlighted that scammers continuously update their strategies based on public information to find opportunities for fraud. 

"We often imagine scammers and professional cybercriminals as masterminds in James Bond movies – evil geniuses using sophisticated technology and extensive knowledge – but in reality, they are very lazy," Levy mentioned in an interview with CBC Canada. "They will attack us when we are most vulnerable... They target moments of natural or man-made disasters like this incident, when everything is in chaos and there is a lot of uncertainty."

Ongoing impact of the "Blue Screen" incident

After the "Blue Screen of Death" incident on July 19, scammers and phishing-style cyber-attacks have increasingly targeted businesses, especially foreign enterprises. The effects of the incident lingered in the days following. Some passengers were informed that it would take three days to reach their destinations, while many hospitals and banking services remained disrupted.

Two-thirds of flights in the US on the past Saturday were canceled as airlines worked to reposition planes and crews after the incident. According to data from travel data provider Cirium, US airlines canceled 3.5% of scheduled flights on Saturday. This figure was 2% for Canada, Italy, and India; 1% for the UK, France, and Brazil.

In Austria, the association of leading doctors warned that the incident revealed serious issues of reliance on electronic devices in medicine, as reservation systems, surgical support equipment, and patient record systems were rendered inoperative.

Harald Mayer, Vice President of the Austrian Chamber of Doctors, stated that hospitals need backup copies of patient records. The organization also urged the government to adopt the highest standards for protecting patient data and called for healthcare units to train staff and reinforce system equipment to prevent risks.

How to protect yourself and your business from risks following this incident

To guard against risks, businesses and individuals using computers should note the following:

- If someone claims to be from major tech companies (Microsoft, Google, Meta…) and promises support for issues, it is likely a scam since support teams from these companies do not directly contact customers this way. If in doubt, contact the support team through official channels to verify.

- If you receive an email or message offering support, verify by checking the company's website for any new updates or announcements. Ensure the email format/link matches the official email/link of the company

- If you accidentally click on a phishing link or grant remote access, immediately secure your email and other accounts, and change passwords.

- For critical services like banking, avoid relying solely on mobile banking apps and have alternative manual methods to contact the bank in case your phone is compromised.

- Educate all employees about common scam methods and remind them not to use company computers/networks to log into suspicious addresses/emails.

By following these precautions and remaining vigilant, businesses and individuals can better protect themselves from potential scams and cyber-attacks following such incidents.

Phong Linh