FINRA has issued a cybersecurity alert concerning a recent CrowdStrike service outage that has impacted Microsoft operating systems. This disruption, which began on July 19, 2024, is linked to a software update affecting CrowdStrike's Falcon software. The Cyber and Analytics Unit (CAU) within FINRA's Member Supervision program is actively monitoring the situation.
Details of the Outage
On July 19, 2024, CrowdStrike publicly disclosed an outage caused by a software update, which resulted in widespread disruptions for Microsoft Windows devices utilizing the Falcon software. According to CrowdStrike CEO George Kurtz, "this is not a security incident or cyberattack" but rather a service-related disruption. The company has since provided updates and troubleshooting guidance to assist affected customers.
Potential Secondary Risks
Given the scale of this disruption, member firms should be vigilant for secondary risks. Cybercriminals may exploit this incident to conduct social engineering and phishing attacks. The Cybersecurity & Infrastructure Security Agency (CISA) has reported observing threat actors targeting organizations through phishing and other malicious activities, capitalizing on the ongoing issues. CISA recommends that organizations stay alert and adhere to instructions from verified sources.
CrowdStrike advises firms to communicate through its Support Portal or other official channels for assistance and updates.
Action Items for Member Firms
- Ensure that any IT service vendors you work with are aware of this disruption and are taking appropriate measures.
- Be extra cautious of potential phishing or social engineering attempts that might leverage the current situation.
- Any critical system or business operations issues should be reported to your Risk Monitoring Analyst at FINRA.
- Follow guidance from official sources and avoid relying on unofficial information.
Conclusion
It's important to note that this alert does not introduce new legal or regulatory requirements or reinterpret existing ones. It does not exempt members from their current obligations under federal securities laws and regulations. Instead, it serves as a reminder to consider these developments when reviewing or updating your cybersecurity practices in alignment with regulatory requirements.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.