Cybersecurity Alert - FINRA Update to Member Firms Regarding CrowdStrike IT Service Disruption
Impact: All Firms
Firms should review this information with any vendors who provide information technology services to the firm.
The Cyber and Analytics Unit (CAU) within FINRA’s Member Supervision program highlights recent reports of a CrowdStrike service outage affecting Microsoft operating systems. FINRA continues to monitor the outage.
On July 19, 2024, CrowdStrike publicly disclosed a disruption caused by a software update which led to widespread outages on Microsoft Windows devices running CrowdStrike’s Falcon software. CrowdStrike’s CEO George Kurtz stated, “this is not a security incident or cyberattack”1. CrowdStrike is providing updates and published troubleshooting guidance for customers experiencing issues.
In connection to the widespread disruption, member firms should be aware they may experience secondary attacks from cyber criminals seeking to leverage this incident to carry out social engineering and phishing attacks. The Cybersecurity & Infrastructure Security Agency (CISA) published an alert and observed threat actors taking advantage of the incident, targeting organizations for phishing and other malicious activities. CISA further recommends organizations remain vigilant and follow instructions from legitimate sources. Additionally, CrowdStrike recommended organizations communicate with CrowdStrike representatives through its Support Portal or other official channels.
FINRA asks member firms to please report any critical systems or business operations issues to your Risk Monitoring Analyst. Questions related to this Alert or other cybersecurity related topics can be emailed to CAU.
Note: This Alert does not create new legal or regulatory requirements or new interpretations of existing requirements, nor does it relieve members of any existing obligations under federal securities laws and regulations. Members may consider the information in this Alert in developing new, or modifying existing, practices that are reasonably designed to achieve compliance with relevant regulatory obligations based on a member’s size and business model.
If you would like to add or change who receives this email, please update your firm’s Chief Information Security Officer (CISO), Chief Compliance Officer (CCO) and/or Chief Risk Officer (CRO) contacts in FINRA Gateway.