subscribe Support our award-winning journalism. The Premium package (digital only) is R30 for the first month and thereafter you pay R129 p/m now ad-free for all subscribers.
Subscribe now
A CrowdStrike logo is seen in this illustration. Illustration: REUTERS/DADO RUVIC
A CrowdStrike logo is seen in this illustration. Illustration: REUTERS/DADO RUVIC

Washington — A senior executive at cybersecurity firm CrowdStrike apologised at an appearance before a US House of Representatives subcommittee on Tuesday for a faulty software update that caused a global IT outage in July.

Adam Meyers, senior vice-president for counteradversary operations at CrowdStrike, told the House homeland security cybersecurity and infrastructure protection subcommittee that CrowdStrike released a content configuration update for its Falcon Sensor security software that resulted in system crashes worldwide.

“We are deeply sorry this happened and we are determined to prevent this from happening again,” Meyers said. “We have undertaken a full review of our systems and begun implementing plans to bolster our content update procedures so that we emerge from this experience as a stronger company.”

He said the issues was not the result of a cyberattack or prompted by AI.

The July 19 incident led to worldwide flight cancellations and affected industries globally including banks, healthcare, media companies and hotel chains. The outage disrupted internet services, affecting 8.5-million Microsoft Windows devices.

“We cannot allow a mistake of this magnitude to happen again,” said Representative Mark Green, who chairs the House homeland security committee calling the events “a catastrophe that we would expect to see in a movie”.

Meyers said that on July 19 new threat detection configurations were validated and sent to sensors running on Microsoft Windows devices but the “configurations were not understood by the Falcon sensor’s rules engine, leading affected sensors to malfunction until the problematic configurations were replaced”.

Delta Air Lines has vowed to take legal action, saying the outage forced it to cancel 7,000 flights, affecting 1.3-million passengers over five days, and cost it $500m. CrowdStrike rejected Delta’s contention that it should be blamed for huge flight disruptions.

Last month, CrowdStrike cut its revenue and profit forecasts in the aftermath of the faulty software update, and said the environment would remain challenging for about a year. 

Reuters

subscribe Support our award-winning journalism. The Premium package (digital only) is R30 for the first month and thereafter you pay R129 p/m now ad-free for all subscribers.
Subscribe now

Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.