BOSTON–Talk about a presentation that could not have been any more fitting—or ironic.
During a presentation on cybersecurity issues at the World Credit Union Conference here, one of the presenters was absent due to airline delays caused by the CrowdStrike cybersecurity incident that led to outages at numerous major services providers, especially Delta Airlines. A faulty update that shut down Microsoft 365 caused numerous other issues—and even some temporary glitches at some credit unions.
With flight cancelations forcing David Glod, vice president for IT Security at Mountain America Credit Union in Utah, to miss the session, co-host Gerard Joyce, chief technology officer for CalQRisk, focused on the issue that remains very much in the news.
How to Best Respond
“So, you’re thinking, ‘How could we have avoided this issue with CrowdStrike?’ because CrowdStrike had access to Microsoft at the lowest level, at the root level,” said Joyce. “So, diversity in operating systems. If you’re looking for a strategy for combating this, have a different operating system. And have a laptop that you don’t switch on every day, so there’s at least one that is working when the bad fixes hit.”
‘Sense of Urgency’
Joyce told the meeting he hopes the CrowdStrike incident provides a sense of urgency to credit unions that haven’t made a plan to prevent service disruptions.
“I urge you to think about what teams you would need if you had a cyberattack,” he said. “Think about alternates. Think, if John is the IT manager but is on holiday, you need to have an alternative.”
If a service disruption or cyberattack does happen, Joyce advised not turning off power to a credit union’s servers.
“The regulator would be asking you, ‘How long has this been going on? And how did they get in?’ And if you pull the power on the server, you lose information,” said Joyce. “Cut connectivity (to the Internet), not power.”