Blake Montgomery and Johana Bhuiyan 

CrowdStrike apologizes for global IT outage in congressional testimony

Faulty update from cybersecurity company grounded hospitals, airports and payment systems in July
  
  

people walking by row of blue screens
Screens show a blue error message at LaGuardia airport in New York, on 19 July 2024. Photograph: Yuki Iwamura/AP Photo

A CrowdStrike senior executive apologized for causing a global software outage that ground the operations of hospitals, airports, payment systems and personal computers around the world to a halt in July.

Adam Meyers, senior vice-president for counter-adversary operations at CrowdStrike, testified before Congress on Tuesday. Meyers will speak to the House homeland security cybersecurity and infrastructure protection subcommittee. In his testimony, he said: “I am here today because, just over two months ago, on July 19, we let our customers down … On behalf of everyone at CrowdStrike, I want to apologize.” He will say the company has undertaken “a full review of our systems” to prevent the cascade of errors from occurring again.

The global software outage, which delayed flights and medical procedures and caused computers worldwide to display Microsoft’s famous “blue screen of death”, was first thought to be the result of a sophisticated and malicious cyber-attack against the maker of Windows. The actual explanation, however, brought to mind Hanlon’s razor: CrowdStrike had published an update to its Falcon sensor software, meant to detect and contain cybersecurity threats, which crashed roughly 8.5m computers running Windows instead.

Meyers said the company was taking full responsibility for the crashes: “The July 19 incident stemmed from a confluence of factors that ultimately resulted in the Falcon sensor attempting to follow a threat-detection configuration for which there was no corresponding definition of what to do.”

Meyers said the company has implemented some changes that should prevent an outage from happening at this scale again. For instance, CrowdStrike will no longer roll out its software updates globally to all customers in a single session. The company is also allowing customers to select when they receive their updates; they can wait to be among the second- or third-round clients who receive the update.

They can even choose to hold off on an update, though that could make them more vulnerable to security beaches because they won’t have the most up-to-date threat assessment, Meyers warned.

CrowdStrike’s products rank among the world’s most widely used cybersecurity software. The company has boasted on its site that it protects more than half of America’s Fortune 1,000 companies. After the disastrous, botched update, however, it lost tens of billions of dollars in market value, and its CEO has conducted a months-long apology tour.

 

Leave a Comment

Required fields are marked *

*

CAPTCHA

*