In response to the threats of a lawsuit by Delta Air Lines, cybersecurity firm CrowdStrike has vehemently defended its actions. The CEO of Delta, Ed Bastian, appeared on CNBC to express that the airline suffered over $500 million in damages due to a software update failure by CrowdStrike on July 19. However, in a letter to Delta’s attorney, CrowdStrike claims to have worked tirelessly to assist Delta in restoring impacted systems after the incident. They state that they reached out to offer assistance within hours of the outage and even the CEO of CrowdStrike offered onsite help, which was not acknowledged by Delta.
Testing and Validation
While Bastian criticized CrowdStrike for not testing its technology properly before implementing it into a mission-critical operation like Delta’s, the cybersecurity firm countered this argument. They rejected the suggestion that they failed to conduct proper testing and validation of their systems. CrowdStrike’s attorney emphasized that if Delta chooses to pursue legal action, they will have to explain why other companies using CrowdStrike were able to recover much faster. Additionally, CrowdStrike’s liability to Delta is capped at a much lower figure than the damages claimed by the airline.
Impact of the Outage
The outage caused by CrowdStrike’s software update failure had global implications, crashing Microsoft Windows operating systems around the world. Bastian mentioned that Delta, despite investing heavily in redundancies, suffered the most due to its heavy reliance on both CrowdStrike and Windows. To recover from the incident, Delta had to manually reset a staggering number of servers, highlighting the significant impact of the failure on the airline’s operations.
The response of CrowdStrike to Delta Air Lines’ threatened lawsuit showcases the complexities and challenges involved in cybersecurity incidents affecting large corporations. Both parties have presented their sides of the story, and it remains to be seen how this situation will unfold in the legal arena. It serves as a reminder of the critical importance of robust testing and validation processes in implementing technology solutions, especially in high-stakes environments like those of major airlines.