Guidance Letter - Notice Regarding Crowdstrike Global Outage

Summary

The New York State Department of Financial Services (DFS) issued an industry notice urging all regulated entities to exercise heightened vigilance for cybersecurity threats during the global Crowdstrike outage. Institutions are advised to monitor for social engineering attacks, as threat actors often exploit periods of IT staff distraction to compromise systems.

Industry Letter

Date: July 19, 2024

To: Chief Information Security Officers at Regulated Institutions

Subject: Notice Regarding Crowdstrike Global Outage

During this global technology outage, the Department is monitoring institutions, market events, and collaborating closely with other state and federal regulators to protect consumers, ensure the health of the entities we regulate, and preserve the stability of the global financial system.

DFS reminds all regulated entities to be vigilant at this time. Threat actors have been known to launch attacks during periods when IT and security staff are distracted, especially through social engineering.

All DFS-regulated entities are encouraged to be on high alert for suspicious emails, calls, and in-person contacts purporting to be a vendor working on this issue.

For further details, please see the U.S Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency’s information on Avoiding Social Engineering and Phishing Attacks.

Common questions

What does "Guidance Letter - Notice Regarding Crowdstrike Global Outage" cover?

The New York State Department of Financial Services (DFS) issued an industry notice urging all regulated entities to exercise heightened vigilance for…

Which agency issued this update?

This update was issued by New York State Department of Financial Services.

When was it published?

It was published on July 19, 2024.

Summary

Industry Letter

Common questions

Related updates