Nigeria’s critical national information infrastructure has not been impacted by the global IT outage that swept across the world last week, the nation’s internet police says.
The Nigeria Computer Emergency Response Team otherwise known as ngCERT, is also warning Nigerians to beware of “cybercriminals exploiting the situation to conduct malicious activities.”
“The ongoing global IT disruption has not impacted our critical national information infrastructure, except for some international flights from Nigeria to Europe and America and some users of Microsoft 365, Azure, AWS cloud platforms running Windows operating systems,” ngCERT says in an update posted on social media service, X.
ngCERT update comes amid another from the National Information Technology Development Agency (NITDA) which issued an alert following a widespread outage affecting Microsoft Windows users in Nigeria.
This disruption, NITDA says, has resulted in the infamous Blue Screen of Death (BSOD), attributed to a recent update from CrowdStrike, a prominent cybersecurity firm.
NITDA on cause of global IT outage
NITDA says the problem was caused by stems from the Falcon sensor, CrowdStrike’s Endpoint Detection and Response (EDR) agent. The software, designed to monitor and respond to intrusions, has caused unexpected crashes in systems across the globe after its latest update.
CrowdStrike’s Response
CrowdStrike has said it was actively working with customers impacted by the defect found in a single content update for Windows hosts. The company has confirmed that this was not a cyberattack. The issue has been identified, isolated, and a fix has been deployed, CrowdStrike said, directing customers to its support portal for the latest updates and assures continuous updates on its website.
According to CrowdStrike, “we further recommend organisations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilised to ensure the security and stability of CrowdStrike customers.”
According to the technology company, “we understand the gravity of the situation and are deeply sorry for the inconvenience and disruption. We are working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on.
“We assure our customers that CrowdStrike is operating normally and this issue does not affect our Falcon platform systems. If your systems are operating normally, there is no impact to their protection if the Falcon Sensor is installed”.
Impact
The impact of this outage is significant:
System Crashes: Users are experiencing frequent system crashes, disrupting daily operations.
Data Loss: There is a heightened risk of data loss due to sudden system failures.
Service Interruptions: Businesses are facing interruptions in their services, affecting overall productivity.
Operational Delays: Efforts to address these crashes are leading to delays in regular operations.
Preventive Measures
NITDA recommends the following preventive steps for affected users:
Avoid Updating to the Latest CrowdStrike Version: Users should refrain from updating the Falcon sensor until a stable version is released.
Monitor Official Channels: Regularly check CrowdStrike’s official communications for updates on fixes or workarounds.
Back Up Critical Data: Ensure that all critical data is regularly backed up to mitigate the risk of loss during system crashes.
Responding to BSOD:
Roll back to a previous system restore point before the update if a BSOD occurs.
Temporarily disable the affected software until a fix is provided.
NITDA urges all users to stay informed and take necessary precautions to minimise the impact on their systems. CrowdStrike is currently working to identify the root cause of the issue and develop a stable update.
About CrowdStrike
CrowdStrike Holdings, Inc. is an American cybersecurity technology company headquartered in Austin, Texas. It offers a range of services including cloud workload protection, endpoint security, threat intelligence, and cyberattack response. CrowdStrike specializes in detecting unusual activities and vulnerabilities to protect computer systems from malware and other threats. Founded in 2011, the company operates in over 170 countries.