CrowdStrike exec apologises to US legislators for disastrous software glitch
A content configuration update for its Falcon Sensor security software caused system crashes worldwide, says Adam Meyers, senior vice-president for counteradversary operations
25 September 2024 - 13:57
byDavid Shepardson
Support our award-winning journalism. The Premium package (digital only) is R30 for the first month and thereafter you pay R129 p/m now ad-free for all subscribers.
A CrowdStrike logo is seen in this illustration. Illustration: REUTERS/DADO RUVIC
Washington — A senior executive at cybersecurity firm CrowdStrike apologised at an appearance before a US House of Representatives subcommittee on Tuesday for a faulty software update that caused a global IT outage in July.
Adam Meyers, senior vice-president for counteradversary operations at CrowdStrike, told the House homeland security cybersecurity and infrastructure protection subcommittee that CrowdStrike released a content configuration update for its Falcon Sensor security software that resulted in system crashes worldwide.
“We are deeply sorry this happened and we are determined to prevent this from happening again,” Meyers said. “We have undertaken a full review of our systems and begun implementing plans to bolster our content update procedures so that we emerge from this experience as a stronger company.”
He said the issues was not the result of a cyberattack or prompted by AI.
The July 19 incident led to worldwide flight cancellations and affected industries globally including banks, healthcare, media companies and hotel chains. The outage disrupted internet services, affecting 8.5-million Microsoft Windows devices.
“We cannot allow a mistake of this magnitude to happen again,” said Representative Mark Green, who chairs the House homeland security committee calling the events “a catastrophe that we would expect to see in a movie”.
Meyers said that on July 19 new threat detection configurations were validated and sent to sensors running on Microsoft Windows devices but the “configurations were not understood by the Falcon sensor’s rules engine, leading affected sensors to malfunction until the problematic configurations were replaced”.
Delta Air Lines has vowed to take legal action, saying the outage forced it to cancel 7,000 flights, affecting 1.3-million passengers over five days, and cost it $500m. CrowdStrike rejected Delta’s contention that it should be blamed for huge flight disruptions.
Last month, CrowdStrike cut its revenue and profit forecasts in the aftermath of the faulty software update, and said the environment would remain challenging for about a year.
Support our award-winning journalism. The Premium package (digital only) is R30 for the first month and thereafter you pay R129 p/m now ad-free for all subscribers.
CrowdStrike exec apologises to US legislators for disastrous software glitch
A content configuration update for its Falcon Sensor security software caused system crashes worldwide, says Adam Meyers, senior vice-president for counteradversary operations
Washington — A senior executive at cybersecurity firm CrowdStrike apologised at an appearance before a US House of Representatives subcommittee on Tuesday for a faulty software update that caused a global IT outage in July.
Adam Meyers, senior vice-president for counteradversary operations at CrowdStrike, told the House homeland security cybersecurity and infrastructure protection subcommittee that CrowdStrike released a content configuration update for its Falcon Sensor security software that resulted in system crashes worldwide.
“We are deeply sorry this happened and we are determined to prevent this from happening again,” Meyers said. “We have undertaken a full review of our systems and begun implementing plans to bolster our content update procedures so that we emerge from this experience as a stronger company.”
He said the issues was not the result of a cyberattack or prompted by AI.
The July 19 incident led to worldwide flight cancellations and affected industries globally including banks, healthcare, media companies and hotel chains. The outage disrupted internet services, affecting 8.5-million Microsoft Windows devices.
“We cannot allow a mistake of this magnitude to happen again,” said Representative Mark Green, who chairs the House homeland security committee calling the events “a catastrophe that we would expect to see in a movie”.
Meyers said that on July 19 new threat detection configurations were validated and sent to sensors running on Microsoft Windows devices but the “configurations were not understood by the Falcon sensor’s rules engine, leading affected sensors to malfunction until the problematic configurations were replaced”.
Delta Air Lines has vowed to take legal action, saying the outage forced it to cancel 7,000 flights, affecting 1.3-million passengers over five days, and cost it $500m. CrowdStrike rejected Delta’s contention that it should be blamed for huge flight disruptions.
Last month, CrowdStrike cut its revenue and profit forecasts in the aftermath of the faulty software update, and said the environment would remain challenging for about a year.
Reuters
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.
Most Read
Related Articles
CrowdStrike earnings to reveal fallout from global Windows outage
Delta Air takes legal route over CrowdStrike outage
KATE THOMPSON DAVY: CrowdStrike outage is a boon for the anti-concentration ...
Published by Arena Holdings and distributed with the Financial Mail on the last Thursday of every month except December and January.