Adam Meyers, a senior executive of cybersecurity firm CrowdStrike, apologized before a US House of Representatives panel for a software update blunder that triggered a global IT disruption in July. Meyers, the company’s senior vice president for counter-adversary operations, revealed that a defective content configuration update in its Falcon Sensor security software caused system breakdowns worldwide.
The outage on July 19 impacted many businesses globally, including airlines, banking, healthcare, media, and hotels. Internet services were also affected, impacting around 8.5 million Microsoft Windows devices. Delta Air Lines was significantly affected, suspending 7,000 flights and impacting 1.3 million customers. Delta believes the downtime cost them $500 million, and they have threatened legal action against CrowdStrike.
According to Meyers, the problem was neither caused by a hack nor an artificial intelligence (AI) error. The fundamental reason was a breakdown in communication between the new threat detection setups and the Falcon sensor’s rules engine. The defective update caused sensors on Microsoft Windows systems to fail, resulting in widespread disruption until the setups were fixed.
Meyers informed the U.S. Homeland Security Cybersecurity and Infrastructure Protection Subcommittee that CrowdStrike is dedicated to avoiding such breaches from happening again. The firm has begun a thorough evaluation of its systems and is revising its methods to improve information updates. Meyers said, “We are deeply sorry this happened and we are determined to prevent this from happening again.”
The impact of the July outage has been severe for CrowdStrike. Last month, the firm reduced its sales and profit estimates, citing continued issues connected to the botched upgrade. Meyers confessed that it would take the firm approximately a year to properly recover from the disaster.