CrowdStrike has pushed back against criticism from US airline Delta, which claimed the firm should be blamed for flight disruptions after the major IT outage affecting its Falcon sensor product.
The incident, dubbed the largest IT outage ever, rendered millions of Windows devices around the world unusable.
Microsoft estimated that a total of 8.5 million systems were taken offline as a result of the outages, which is likely to be on the lower-end as its projection was based on those who opted to share their crash reports.
In an interview with CNBC, Ed Bastian, CEO at Delta, claimed the airline had suffered costs of $500 million in relation to the outage, strongly hinting it was considering legal action against CrowdStrike.
The outage left Delta’s crew tracking system offline for almost an entire week, meaning it was unable to find and allocate pilots and flight attendants for its services.
This meant Delta was among the slowest airlines to recover from the outage, and had to cancel approximately 30% of its scheduled flights over a five-day period.
When asked about potential compensation from CrowdStrike and Microsoft, Bastion complained the security firm had not offered the company anything at that point, barring “free consulting advice”.
Bastian reiterated that he was disappointed with CrowdStrike’s response to the incident, given the critical role its software plays in infrastructure around the world.
“If you’re going to be having access, priority access to the Delta ecosystem in terms of technology, you’ve got to test the stuff. You can’t come into a mission critical 24/7 operation and tell us we have a bug,”
CrowdStrike on the offensive
On the matter of seeking damages from the cybersecurity firm, Bastian said Delta doesn’t have much choice.
The airline has not filed a lawsuit against CrowdStrike or Microsoft at the time of writing, but reporting from CNN stated Delta has hired the law firm of leading attorney David Boies to seek compensation from the two companies.
In a letter responding to the threats of potential legal action from Delta, CrowdStrike reiterated an apology to the airline’s employees and customers while rejecting accusations of gross negligence or wilful misconduct.
The letter directly addressed Bastian’s claim that the firm had not carried out necessary testing before rolling out updates.
RELATED WHITEPAPER
“Your suggestion that CrowdStrike failed to do testing and validation is contradicted by the very information on which you rely from CrowdStrike’s Preliminary Post Incident Review.”
CrowdStrike’s rebuttal noted Delta’s accusations have created a ‘misleading narrative’ that it was responsible for the airline’s IT decisions and response to the outage.
It raised a series of questions around Delta’s response, noting CrowdStrike took responsibility for its actions immediately, while Delta has yet to explain why its competitors were able to restore operations faster. The cybersecurity firm also questioned why Delta turned down onsite assistance from CrowdStrike professionals, who it noted helped many other customers swiftly restore operations.
Speaking to ITPro, a spokesperson for CrowdStrike said the ‘public posturing’ from Delta was not constructive, and hoped the two firms could agree to find a resolution.
“The letter speaks for itself. We have expressed our regret and apologies to all of our customers for this incident and the disruption that resulted. Public posturing about potentially bringing a meritless lawsuit against CrowdStrike as a long-time partner is not constructive to any party. We hope that Delta will agree to work cooperatively to find a resolution.”
Delta declined to comment when contacted by ITPro.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapersNews While not malicious, the bots can overwhelm web applications in a way similar to bad actors
-
Does speech recognition have a future in business tech?Once a simple tool for dictation, speech recognition is being revolutionized by AI to improve customer experiences and drive inclusivity in the workforce
-
Why the CrowdStrike outage was a wakeup call for developer teamsNews The CrowdStrike outage in 2024 has prompted wholesale changes to software testing and development lifecycle practices, according to new research.
-
Westcon-Comstor bags major distribution deal with CrowdStrikeNews The pair’s new distribution agreement aims to capture new market opportunities for Irish channel partners
-
CrowdStrike faces shareholder lawsuit after global IT failureNews Investors are lining up a class action lawsuit amid allegations CrowdStrike misled them
-
Millions of devices bricked and $5.4 billion in losses: The cost of the CrowdStrike outage continues to mountNews The costs associated with the CrowdStrike IT outage could surge in weeks to come, analysis suggests
-
Global IT outage caused by faulty CrowdStrike update could take ‘days and weeks’ to resolve, experts warn
News Responsible for one of the largest IT outages in years, CrowdStrike has had a tough day, but experts warn customers could face a "nightmare" in the coming days
-
Global IT outage: CrowdStrike CEO confirms update "defect" as the source of mass disruptionNews CrowdStrike CEO George Kurtz has lifted the lid on the reason behind a global IT outage that left organizations scrambling
