Delta & CrowdStrike Global IT Outage: Explained

Share
Delta Air Lines sues CrowdStrike after a global outage caused mass flight cancellations
Delta seeks compensation from CrowdStrike after global flight cancellations, highlighting the critical role of technology in aviation operations

Modern airlines heavily rely on complex technological systems for efficient operations, from flight scheduling to passenger services.

While essential for smooth air travel worldwide, this dependence exposes airlines to risks from software failures and cybersecurity breaches.

Such incidents can have far-reaching consequences, affecting millions of passengers and causing substantial financial losses.

The recent lawsuit filed by Delta Air Lines against cybersecurity firm CrowdStrike highlights the critical importance of reliable software systems in aviation and the potential impact of technological failures.

This case, stemming from a July 2024 incident that caused widespread disruption to Delta's operations, underscores the intricate relationship between airlines and their technology providers.

It also raises questions about responsibilities in ensuring system reliability and resilience in an increasingly digitised industry.

Key facts:
  • Delta Air Lines is suing CrowdStrike for over US$500m in damages
  • The lawsuit stems from a global outage in July that caused 7,000 flight cancellations
  • 1.3 million passengers were affected over a five-day period
  • CrowdStrike denies responsibility, blaming Delta's "antiquated IT infrastructure"
  • The US Transportation Department has opened an investigation into the incident

The legal action stems from a global outage in July that resulted in mass flight cancellations and disrupted travel plans for 1.3 million customers.

According to Delta, the incident was caused by a faulty software update from CrowdStrike, which the airline describes as "catastrophic".

The lawsuit alleges that CrowdStrike "forced untested and faulty updates to its customers, causing more than 8.5 million Microsoft Windows-based computers around the world to crash".

Delta claims that the outage led to the cancellation of 7,000 flights over five days, impacting 1.3 million passengers.

The airline is seeking over US$500m in out-of-pocket losses, as well as an unspecified amount for lost profits, expenditures including attorneys' fees and "reputational harm and future revenue loss".

CrowdStrike, however, rejects Delta's claims.

In a statement, the cybersecurity firm said: "Delta's claims are based on disproven misinformation, demonstrate a lack of understanding of how modern cybersecurity works and reflect a desperate attempt to shift blame for its slow recovery away from its failure to modernise its antiquated IT infrastructure".

Tech industry implications and regulatory response

The incident has drawn attention from regulatory bodies, with the US Transportation Department opening an investigation into the matter.

Youtube Placeholder

This scrutiny highlights the potential for increased oversight of airlines' technology infrastructure and their relationships with software providers.

The case also inevitably raises important questions about the balance between cybersecurity measures and operational stability in the aviation industry.

As airlines continue to digitise their operations, they must navigate the complex landscape of cybersecurity threats while ensuring that protective measures do not inadvertently compromise system reliability.

Delta asserts that it has invested billions of dollars "in licensing and building some of the best technology solutions in the airline industry" as part of its IT planning and infrastructure.

However, CrowdStrike has questioned why Delta fared significantly worse than other airlines during the incident, suggesting that the problem may lie with Delta's own IT systems rather than the software update.

The lawsuit raises important questions about liability and responsibility in the event of software-related disruptions.

Delta argues that CrowdStrike is liable for the losses incurred, saying: "If CrowdStrike had tested the faulty update on even one computer before deployment, the computer would have crashed".

This case may set a precedent for how liability is determined in similar incidents in the future, potentially influencing how airlines and technology providers approach software updates and system maintenance.

Adam Meyers, a Senior Vice President at CrowdStrike

Last month, Adam Meyers, a Senior Vice President at CrowdStrike, apologised before Congress for the faulty software update.

He explained that the company had released a content configuration update for its Falcon Sensor security software, which resulted in system crashes worldwide, saying: "We are deeply sorry this happened and we are determined to prevent this from happening again".

As the legal battle unfolds, the aviation and technology industries will be closely watching the outcome.

The case could have far-reaching implications for how airlines manage their technology partnerships, how software providers approach updates and testing and how regulators oversee the intersection of cybersecurity and operational reliability in critical industries like aviation.

******

Make sure you check out the latest edition of Technology Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Technology Magazine is a BizClik brand

Share

Featured Articles

Will Trump’s Tariffs Threaten Global Technology Trade?

Global supply chains for renewable energy technology faces disruption as the US imposes new tariffs on Chinese imports, threatening price increases

Google Drops Diversity Targets as US Tech Firms Review DEI

Alphabet’s search and advertising unit joins Meta and Amazon in reassessing workplace programmes following Trump administration executive orders

How Quantum Computing Could Add £212bn to UK Economy by 2045

Oxford Economics research shows quantum technology could increase UK productivity by 7% by 2045, with pharmaceutical and defence sectors leading adoption

Why UK’s MoD is Investing £50m in AI and Data Analytics

Data & Data Analytics

SAP: Why The UK Faces AI Adoption Hurdles Amid Global Race

AI & Machine Learning

Quantinuum: The First Quantum-Generated Data For AI

AI & Machine Learning