On Monday Amazon Web Services (AWS) went down in the US causing a ripple effect, from governments and local municipalities, to enterprises, small businesses and the individuals who rely on these services daily.
AWS is a cloud-based service thousands of major companies use to not only store their data, but run their apps and software for many critical business services.
Whether basic communications using apps such as Snapchat, Signal and Reddit to airlines such as Delta and United reporting disruptions to their customer facing operations, when these services go down it highlights the reliance on just a few cloud services companies (AWS, Microsoft Azure, ANd Google Cloud) to run the country so to speak.
The AWS outage has further impacted shopping websites, banking apps, and even streaming and smart homes devices.
And while organizations scramble to ensure business operations continue to run, it’s also an opportunity for individuals to do a quick check-in on their own cyber hygiene.
Cybercriminals and hackers can easily take advantage of these types of outages to deploy an array of social engineering attacks.
Whether in the office or at home, nothing is more frustrating than losing the ability to access files and documents, and communicate with business associates or loved ones, especially in an emergency or crisis.
Hackers who rely on mass urgency and panic will see this as an opportunity to take advantage of people’s heightened emotions with phishing emails offering to “fix” the issue and get you back online and into your accounts or apps.
But in reality, these scammers are looking to steal your personal information, such as login credentials by tricking you into updating your software or resetting your password.
During major outages, users should avoid clicking on any links in emails, texts and pop-ups claiming to be able to fix the outage.
Additionally, double check that any alerts or update messages from organizations, such as your bank or payment apps, are verified from the official website or app.
This is the time to make sure you are using a strong password and multifactor authentication to prevent any unauthorized access to your accounts.
However, individuals should also delay making sensitive transactions, such as major financial transactions, resetting your password, or installing critical software updates, until the service in question has been announced as officially restored.
Furthermore, when the service disruption has ended, users should also monitor any affected accounts for unusual activity, discrepancies, and duplicate or fraudulent transactions.
Finally, this is an excellent reminder for individuals to make sure they have a back-up system in place to access important documents and for communications.
This can be as easy as keeping a secondary email account or even a back-up mobile phone.
