Since news broke overnight that an incident at the CrowdStrike cybersecurity firm caused IT outages affecting multiple industries across the globe, ICBA has been closely monitoring the situation in coordination with financial services partners and officials.
To help community banks answer customer inquiries, ICBA offers a customizable template for outbound messages to customers on the incident and its potential impact on the availability of banking services.
While many questions remain, here’s what is known:
CrowdStrike said it is actively working with customers affected by a single content update for Windows hosts, and it is providing updates on its blog. CrowdStrike said it has not experienced a security incident or cyberattack, and Mac and Linux hosts are not affected.
Microsoft stated it has completed mitigation actions and previously affected Microsoft 365 apps and services have recovered.
The incident has affected some community banks, with some reporting that downed systems are in the process of being restored successfully.
The Financial Services Sector Coordinating Council (FSSCC) and the Financial Services Information Sharing and Analysis Center (FS-ISAC) report that the incident is not significantly affecting the financial sector’s ability to provide finance services to customers.
ICBA remains engaged with federal officials from the Treasury Department and banking regulators as well as industry groups such as FSSCC and FS-ISAC. The organization will continue working to convey community bank concerns about the incident to federal officials, gather additional details, assess the impact on the industry, and keep community bankers apprised of the latest developments.