CrowdStrike Senior Exec Apologises for Global IT Outage
Adam Meyers, Senior Vice President for Counter Adversary Operations at CrowdStrike, told the House Homeland Security Cyber Infrastructure Protection subcommittee that the company was sorry for its significant role in the widespread IT outage earlier in the year.
In his testimony, shared on 24th September 2024, he shared: “I am here today because, just over two months ago, on July 19, we let our customers down.
“On behalf of everyone at CrowdStrike, I want to apologise.”
He shared that the company has undertaken “a full review of our systems” to prevent the cascade of errors from occurring again. This includes a content configuration update for the cybersecurity company’s Falcon Sensor security software that resulted in the numerous system crashes around the world.
What happened on 19th July
Earlier in 2024, multiple essential business sectors around the world were impacted by a global IT outage that impacted 8.5 million Microsoft Windows PCs.
The blackout caused issues around the world, with the infamous ‘blue screen of death’ showing on people’s computers. Flights were grounded, hospital services were halted and events like the Paris 2024 Olympic Games were disrupted. Small businesses also lost sales.
According to Microsoft, the outage was as a result of a detect in a faulty CrowdStrike update, the tech giant’s cybersecurity vendor who is responsible for providing antivirus software for its Windows software.
CrowdStrike subsequently took the brunt of the blame for the incident, causing its decade-long reputation to be impacted as it lost one-fifth of its value overnight.
"We are deeply sorry this happened and we are determined to prevent this from happening again," Adam told the subcommittee. "We have undertaken a full review of our systems and begun implementing plans to bolster our content update procedures so that we emerge from this experience as a stronger company.”
CrowdStrike’s commitment to improve incident management
Already, in the immediate aftermath of the incident, CrowdStrike pledged to improve its software testing and quality control checking. It also announced plans to implement a “staggered deployment strategy” for similar changes.
Adam Meyers stated to the subcommittee that the issues were not due to a cyberattack or driven by AI. He stated that new threat detection configurations were sent to sensors running on Microsoft Windows devices, but the “configurations were not understood by the Falcon sensor’s rules engine, leading affected sensors to malfunction until the problematic configurations were replaced.”
In August 2024, CrowdStrike cut its revenue and profit forecasts in the aftermath of the faulty software update, in addition to stating the situation would be challenging for another year.
Adam stated that CrowdStrike is continuing to take full responsibility for the outage, saying that they had since implemented a series of changes to prevent a similar-scale event from happening again.
Notably, the company will no longer be rolling out its software updates globally to all customers within a single session. This is in addition to allowing customers to select when they receive their updates.
All things considered, the impact on businesses around the world cannot be understated, with organisations like Delta Air Lines having sued the cybersecurity firm. Delta in particular faced roughly 7,000 flight cancellations and hundreds-of-thousands of reimbursement requests from its customers.
“We cannot allow a mistake of this magnitude to happen again,” commented Representative Mark Green, who chairs the House Homeland Security Committee. He referred to the event as “a catastrophe that we would expect to see in a movie.”
******
Make sure you check out the latest edition of Technology Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
******
Technology Magazine is a BizClik brand
- Sage: How Businesses can Succeed with Digital TransformationDigital Transformation
- AMD Unveils CPU & GPU Solutions in AI Leadership BidCloud & Cybersecurity
- OpenAI and the Battle to Stop Social Media ManipulationAI & Machine Learning
- OUT NOW- Top 100 Companies in Technology 2024Digital Transformation