In response to the threat of a lawsuit by Delta Air Lines, cybersecurity firm CrowdStrike has pushed back and defended its actions. CrowdStrike claims that it worked tirelessly to assist Delta in restoring impacted systems following the software update failure. The company reached out to Delta within hours of the incident, offering assistance and remediation options. Despite these efforts, Delta’s CEO, Ed Bastian, mentioned that CrowdStrike only offered free consulting advice, which was not sufficient according to Delta’s expectations.
One of the key points of contention is Bastian’s claim that CrowdStrike should have tested its technology before rolling out the update. However, CrowdStrike’s attorney, Michael Carlinsky, rejected this accusation, stating that testing and validation were indeed performed. Carlinsky also pointed out that other companies using CrowdStrike’s security systems were able to restore operations much quicker than Delta, raising questions about Delta’s own IT infrastructure and operational resiliency. If Delta decides to proceed with a lawsuit, it may have to publicly disclose sensitive information about its systems and decision-making processes.
According to the contract between CrowdStrike and Delta, the cybersecurity firm’s liability is capped in the single-digit millions. This raises another issue for Delta in terms of potential compensation for the damages incurred as a result of the outage. Bastian mentioned that Delta had to manually reset 40,000 servers during the recovery process, highlighting the extent of the impact on the airline’s operations.
Despite having made significant investments in redundancies, Delta was particularly vulnerable to the CrowdStrike failure due to its heavy reliance on both CrowdStrike and Microsoft Windows operating systems. This resulted in over 6,300 flight cancellations and an estimated $500 million in losses for the airline. Bastian emphasized the importance of mission-critical systems in a 24/7 operation like Delta’s, stressing the need for robust testing and validation to prevent such incidents in the future.
Overall, the situation between Delta Air Lines and CrowdStrike reflects the complex nature of cybersecurity failures and their impact on critical infrastructure. Both parties have valid concerns and arguments, highlighting the importance of thorough testing, communication, and collaboration in ensuring the security and reliability of IT systems.