NOTE: Sawyers & Jacobs LLC does not use CrowdStrike for our firm operations nor do we use this solution in any of the services we provide. All of our systems are operational and unaffected at this time.
Who Is CrowdStrike?
CrowdStrike Holdings, Inc. is a cybersecurity technology company headquartered in Austin, Texas. Used by many Fortune 500 companies, CrowdStrike provides cloud workload protection and endpoint security, threat intelligence, and cyberattack response services. Primarily, they are an endpoint detection and response solution typically deployed on workstations and servers.
In sum, this company touches a lot of organizations as a direct provider or an upstream or “fourth-party” provider (your third party’s third-party vendor).
What Happened?
This doesn’t appear to be a “hack.” It appears to be a “faulty update” that got deployed by CrowdStrike to its customers running computers using Microsoft Windows.
Is This a Microsoft Issue?
No. This is not a Microsoft-created problem or something wrong in Microsoft Windows. The problem was created by CrowdStrike's faulty software update and how it interacts with Windows.
Who Was Affected?
A large number of organizations worldwide, ranging from airlines and hospitals to municipalities and, yes, some banks.
What Do We Know?
Most community banks do not use CrowdStrike directly; however, many might be impacted due to their providers using CrowdStrike.
What Should We Do?
- Determine if your bank uses CrowdStrike directly. If so, prepare to implement the “fix” when provided by CrowdStrike.
- As usual, review and test your patch management programs, business continuity plans, and managed detection and response capabilities, to name three key areas.
- If your systems, services, and applications are unaffected, consider letting your customers know that your bank is operating normally. This is a major incident, and a lack of notification to your customers could be interpreted as a problem.
- Monitor updates on this fluid situation.
- Perform the proper risk assessments to maintain awareness of such threats and the mitigation controls your bank needs to reduce risk to an acceptable level.
- Use this as an opportunity to review your third-party risk management/vendor management programs, as well as your IT audit and cybersecurity assessment coverage and your business continuity planning.
Can You Help?
We would be glad to schedule a meeting to discuss your cybersecurity preparedness, vendor management, IT audit and cybersecurity assessment coverage, business continuity planning, or enterprise risk management.
Please contact Dana Wilkes, our Vice President – Client Services, at dwilkes@sawyersjacobs.com to schedule a free consultation.